Latest News

Cybersecurity researchers have warned of a new scam campaign that leverages fake video conferencing apps to deliver an information stealer called Realst targeting people working in Web3 under the guise of fake business meetings. "The threat actors behind the malware have set up fake companies using AI to make them increase legitimacy," Cado Security researcher Tara Gould said. "The company

In a historic decision, Romania's constitutional court has annulled the result of the first round of voting in the presidential election amid allegations of Russian interference. As a result, the second round vote, which was scheduled for December 8, 2024, will no longer take place. Călin Georgescu, who won the first round, denounced the verdict as an "officialized coup" and an attack on

The ABB BMS/BAS controller allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a malicious web site.

The ABB BMS/BAS controller suffers from an authenticated blind OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the 'instance' HTTP POST parameter called by servicesUpdate.php script.

The ABB BMS/BAS controller suffers from an authenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the 'file' HTTP GET parameter called by the fileSystemUpdateExecute.php script.

The ABB BMS/BAS controller suffers from an unauthenticated blind OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the 'instance' HTTP POST parameter called by servicesUpdate.php script.

### Impact Due to some data types not being natively representable for the available storage options, shared_preferences_android serializes and deserializes special string prefixes to store these unrepresentable data types. This allows arbitrary classes to be deserialized leading to arbitrary code execution. As a result, Files containing the preferences can be overwritten with a malicious one with a deserialization payload that triggers as soon as the data is loaded from the disk. ### Patches 2.3.4 ### Workarounds Update to the latest version of shared_preferences_android that contains the changes to address this vulnerability. ### References TBD ### For more information See [our community page](https://dart.dev/community) to find ways to contact the team. ### Thanks Thank you so much to Oskar Zeino-Mahmalat from sonarsource for finding and reporting this issue!

An FBI operation nabbed a member of the infamous cybercrime group, who is spilling the tea on 'key Scattered Spider members' and their tactics.

The activity-recording capability has drawn concerns from the security community and privacy experts, but the tech giant is being measured in its gradual rollout, which is still in preview mode.

The new film about an FBI agent chasing a white supremacist terror cell is based on a true story—and one that connects the headlines of 30 years ago to those of today.