Security
Headlines
HeadlinesLatestCVEs

Tag

#sap

Targeted spyware and why it’s a concern to us

Experts are warning about the proliferating market for targeted spyware and espionage. Why should we be concerned?

Malwarebytes
Open in Source
#vulnerability#ios#android#git#asus#zero_day#sap
Scammers Sneak 300+ Ad Fraud Apps onto Google Play with 60M Downloads

Google Play Store hit by 300+ fake Android apps, downloaded more than 60 million times pushing ad fraud and data theft. Learn how to spot and remove these threats.

How to Permanently and Securely Delete Photos from an iPhone

Do you need to permanently and securely delete photos from an iPhone to prevent unauthorized access? Simply deleting…

GHSA-pqq3-q84h-pj6x: Sylius PayPal Plugin Payment Amount Manipulation Vulnerability

A vulnerability allows users to manipulate the final payment amount processed by PayPal. If a user modifies the item quantity in their shopping cart after initiating the PayPal Checkout process, PayPal will not receive the updated total amount. As a result, PayPal captures only the initially transmitted amount, while Sylius incorrectly considers the order fully paid based on the modified total. This flaw can be exploited both accidentally and intentionally, potentially enabling fraud by allowing customers to pay less than the actual order value. ### Impact - Attackers can intentionally pay less than the actual total order amount. - Business owners may suffer financial losses due to underpaid orders. - Integrity of payment processing is compromised. ### Patches The issue is fixed in versions: 1.6.1, 1.7.1, 2.0.1 and above. ### Workarounds To resolve the problem in the end application without updating to the newest patches, there is a need to overwrite `ProcessPayPalOrderAction` wi...

1 in 10 people do nothing to stay secure and private on vacation

Spring Break vacationers could open themselves up to online scams and cyberthreats this year, according to new research from Malwarebytes.

Cybersecurity in Crypto: Best Practices to Prevent Theft and Fraud

Cybersecurity tips to protect your cryptocurrency from hackers, scams, and fraud. Learn best practices for securing digital assets…

End-to-End Encrypted Texts Between Android and iPhone Are Coming

Plus: A nominee to lead CISA emerges, Elon Musk visits the NSA, a renowned crypto cracking firm’s secret (and problematic) cofounder is revealed, and more.

A New Era of Attacks on Encryption Is Starting to Heat Up

The UK, France, Sweden, and EU have made fresh attacks on end-to-end encryption. Some of the attacks are more “crude” than those in recent years, experts say.

The dark side of sports betting: How mirror sites help gambling scams thrive 

Sports betting is a multi-billion-dollar industry, but behind the flashing lights and promises of easy money lies a hidden underworld of deception.

March 2025 Patch Tuesday: Microsoft Fixes 57 Vulnerabilities, 7 Zero-Days

Microsoft's March 2025 Patch Tuesday fixes six actively exploited zero-day vulnerabilities, including critical RCE and privilege escalation flaws. Learn how these vulnerabilities impact Windows systems and why immediate patching is essential.