Security
Headlines
HeadlinesLatestCVEs

Tag

#apple

Hackers Leaking Taylor Swift Tickets? Don’t Get Your Hopes Up

Plus: Researchers uncover a new way to expose CSAM peddlers, OpenAI suffered a secret cyberattack, cryptocurrency thefts jump in 2024, and Twilio confirms hackers stole 33 million phone numbers.

Wired
#web#mac#apple#google#git#intel#auth
Sharp Multi-Function Printer 18 Vulnerabilities

308 different models of Sharp Multi-Function Printers (MFP) are vulnerable to 18 different vulnerabilities including remote code execution, local file inclusion, credential disclosure, and more.

Apple Security Advisory 06-25-2024-1

Apple Security Advisory 06-25-2024-1 - AirPods Firmware Update 6A326, AirPods Firmware Update 6F8, and Beats Firmware Update 6F8 address a spoofing vulnerability.

How Apple Intelligence’s Privacy Stacks Up Against Android’s ‘Hybrid AI’

Generative AI is seeping into the core of your phone, but what does that mean for privacy? Here’s how Apple’s unique AI architecture compares to the “hybrid” approach adopted by Samsung and Google.

Microsoft MSHTML Flaw Exploited to Deliver MerkSpy Spyware Tool

Unknown threat actors have been observed exploiting a now-patched security flaw in Microsoft MSHTML to deliver a surveillance tool called MerkSpy as part of a campaign primarily targeting users in Canada, India, Poland, and the U.S. "MerkSpy is designed to clandestinely monitor user activities, capture sensitive information, and establish persistence on compromised systems," Fortinet FortiGuard

Azon Dominator Affiliate Marketing Script SQL Injection

Azon Dominator Affiliate Marketing Script suffers from a remote SQL injection vulnerability.

Google to Block Entrust Certificates in Chrome Starting November 2024

Google has announced that it's going to start blocking websites that use certificates from Entrust starting around November 1, 2024, in its Chrome browser, citing compliance failures and the certificate authority's inability to address security issues in a timely manner. "Over the past several years, publicly disclosed incident reports highlighted a pattern of concerning behaviors by Entrust

Critical GitLab Bug Threatens Software Development Pipelines

The company is urging users running vulnerable versions to patch CVE-2024-5655 immediately, to avoid CI/CD malfeasance.

Authenticator for X, TikTok Exposes Personal User Info for 18 Months

With many popular apps, users must hand over personal information to prove their identity, and the big downside is they have no control over how that information gets processed and stored.

Your Phone's 5G Connection Is Vulnerable to Bypass, DoS Attacks

Wireless service providers prioritize uptime and lag time, occasionally at the cost of security, allowing attackers to take advantage, steal data, and worse.