Security
Headlines
HeadlinesLatestCVEs

Tag

#mac

AI Ethics, Cybersecurity and Finance: Navigating the Intersection

Artificial intelligence is transforming industries, but its adoption also raises ethical and cybersecurity concerns, especially in the regulated…

HackRead
Open in Source
#vulnerability#mac#intel
Microsoft Entra ID Lockouts After MACE App Flags Legit Users

Was your Microsoft Entra ID account locked? Find out about the recent widespread lockouts caused by the new…

Microsoft Secures MSA Signing with Azure Confidential VMs Following Storm-0558 Breach

Microsoft on Monday announced that it has moved the Microsoft Account (MSA) signing service to Azure confidential virtual machines (VMs) and that it's also in the process of migrating the Entra ID signing service as well. The disclosure comes about seven months after the tech giant said it completed updates to Microsoft Entra ID and MS for both public and United States government clouds to

Native Language Phishing Spreads ResolverRAT to Healthcare

Morphisec discovers a new malware threat ResolverRAT, that combines advanced methods for running code directly in computer memory,…

North Korea, Iran, Russia-Backed Hackers Deploy ClickFix in New Attacks

Government-backed hacking groups from North Korea (TA427), Iran (TA450), and Russia (UNK_RemoteRogue, TA422) are now using the ClickFix…

Chinese APT IronHusky Deploys Updated MysterySnail RAT on Russia

Kaspersky researchers report the reappearance of MysterySnail RAT, a malware linked to Chinese IronHusky APT, targeting Mongolia and…

GHSA-22fp-mf44-f2mq: youtube-dl vulnerable to file system modification and RCE through improper file-extension sanitization

#### Description This advisory follows the security advisory [GHSA-79w7-vh3h-8g4j published by the _yt-dlp/yt-dlp_ project](https://github.com/yt-dlp/yt-dlp/security/advisories/GHSA-79w7-vh3h-8g4j) to aid remediation of the issue in the _ytdl-org/youtube-dl_ project. ### Vulnerability _youtube-dl_ does not limit the extensions of downloaded files, which could lead to arbitrary filenames being created in the download folder (and path traversal on Windows). ### Impact Since _youtube-dl_ also reads config from the working directory (and, on Windows, executables will be executed from the _youtube-dl_ directory by default) the vulnerability could allow the unwanted execution of local code, including downloads masquerading as, eg, subtitles. ### Patches The versions of _youtube-dl_ listed as _Patched_ remediate this vulnerability by disallowing path separators and whitelisting allowed extensions. As a result, some very uncommon extensions might not get downloaded. ### Workarounds Any/al...

2025’s Top OSINT Tools: A Fresh Take on Open-Source Intel

Check out the top OSINT tools of 2025, an updated list featuring the best free and paid open-source…

Unlocking the Power of MetaTrader – Your Ultimate Trading Tool

MetaTrader is a key tool for traders, offering a comprehensive platform that supports various financial instruments. Understanding its…