Security
Headlines
HeadlinesLatestCVEs

Tag

#android

CVE-2023-27645: Poweramp – Music Player for Android

An issue found in POWERAMP audioplayer build 925 bundle play and build 954 allows a remote attacker to gain privileges via the reverb and EQ preset parameters.

CVE
#android#google#auth#chrome
CVE-2023-27179: Unrestricted File Download Vulnerability

GDidees CMS v3.9.1 and lower was discovered to contain an arbitrary file download vulenrability via the filename parameter at /_admin/imgdownload.php.

CVE-2023-22429: Food and more" uses a hard-coded API key for an external service

Android App 'Wolt Delivery: Food and more' version 4.27.2 and earlier uses hard-coded credentials (API key for an external service), which may allow a local attacker to obtain the hard-coded API key via reverse-engineering the application binary.

A week in security (April 3 - 9)

Categories: News Tags: TikTok Tags: Super FabriXss Tags: Twitter Tags: macOS malware Tags: ransomware Tags: 2023 State of Malware Tags: Western Digital Tags: Android Tags: endpoint security Tags: ChatGPT Tags: K-12 Tags: IoT Tags: Facebook Tags: targeted advertising Tags: Google Tags: data theft Tags: e-file Tags: tax Tags: Uber breach The most interesting security related news from the week of April 3 - 9. (Read more...) The post A week in security (April 3 - 9) appeared first on Malwarebytes Labs.

Apps for Sale: Cybercriminals Sell Android Hacks for Up to $20K a Pop

The marketplace for malicious Google Play applications and app-takeover tools is thriving, thanks to novel hacking techniques and lax enterprise security.

CISA Warns of 5 Actively Exploited Security Flaws: Urgent Action Required

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added five security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. This includes three high-severity flaws in the Veritas Backup Exec Agent software (CVE-2021-27876, CVE-2021-27877, and CVE-2021-27878) that could lead to the execution of privileged commands

How to Create a Mobile Application for Android OS Step by Step?

By Owais Sultan Android OS is available on 3.3 billion devices in 190 countries across the globe, making Android app development… This is a post from HackRead.com Read the original post: How to Create a Mobile Application for Android OS Step by Step?

How to Create and Manage Groups on iPhone

By Owais Sultan You’re sitting with your iPhone in hand, gazing at the screen with annoyance, fury, and helplessness. You need… This is a post from HackRead.com Read the original post: How to Create and Manage Groups on iPhone

Pinduoduo, a Top Chinese Shopping App, Is Laced With Malware

Plus: 119 arrested during a sting on the Genesis dark-web market, the IRS aims to buy an online mass surveillance tool, and more.

Apple Releases Updates to Address Zero-Day Flaws in iOS, iPadOS, macOS, and Safari

Apple on Friday released security updates for iOS, iPadOS, macOS, and Safari web browser to address a pair of zero-day flaws that are being exploited in the wild. The two vulnerabilities are as follows - CVE-2023-28205 - A use after free issue in WebKit that could lead to arbitrary code execution when processing specially crafted web content. CVE-2023-28206 - An out-of-bounds write issue in