Security
Headlines
HeadlinesLatestCVEs

Tag

#android

Cloudflare Hacked After State Actor Leverages Okta Breach

By Deeba Ahmed CloudFlare Servers Were Hacked on Thanksgiving Day Using Auth Tokens Stolen in Okta Breach. This is a post from HackRead.com Read the original post: Cloudflare Hacked After State Actor Leverages Okta Breach

HackRead
Open in Source
#sql#vulnerability#ios#android#google#microsoft#ddos#aws#auth#jira#bitbucket
Anonymous Sudan Claims DDOS Attacks on UAE’s Flydubai Airline

By Waqas Anonymous Sudan alleges that the cyber attack they conducted has crippled the reservation system and other online assets of the targeted entity. This is a post from HackRead.com Read the original post: Anonymous Sudan Claims DDOS Attacks on UAE’s Flydubai Airline

The many ways electric cars are vulnerable to hacks, and whether that matters in a real-world

Researchers recently discovered 49 zero-day vulnerabilities, including a two-vulnerability exploit chain in Tesla cars that could allow an attacker to take over the onboard infotainment system.

Apple and Google Just Patched Their First Zero-Day Flaws of the Year

Plus: Google fixes dozens of Android bugs, Microsoft rolls out nearly 50 patches, Mozilla squashes 15 Firefox flaws, and more.

Chrome 121 Javascript Fork Malloc Bomb

Chrome version 121 suffers from a javascript fork malloc vulnerability that indicates memory corruption upon crash.

10 things to do to improve your online privacy

It's Data Privacy Week so here are 10 tips from our VP of Consumer Privacy, Oren Arar, about how to stay private online.

QR Code Phishing Soars 587%: Users Falling Victim to Social Engineering Scams

By Deeba Ahmed QR Code Phishing has surged by a staggering 587%, with scammers exploiting it to steal login credentials and deploy malware. This is a post from HackRead.com Read the original post: QR Code Phishing Soars 587%: Users Falling Victim to Social Engineering Scams

CVE-2024-21382: Microsoft Edge for Android Information Disclosure Vulnerability

**According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?** In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file that is designed to exploit the vulnerability. However, an attacker would have no way to force the user to visit the website. Instead, an attacker would have to convince the user to click a link, typically by way of an enticement in an email or Instant Messenger message, and then convince the user to open the specially crafted file.

CVE-2024-21387: Microsoft Edge for Android Spoofing Vulnerability

**According to the CVSS metric, successful exploitation of this vulnerability could lead to some loss of integrity (I:L)? What does that mean for this vulnerability?** The attacker is able to cover and spoof elements of the UI. The modified information is only visual.

How to lock out your ex-partner from your smart home

Your smart devices may reveal information about you or your location to an ex-partner. Here's how to lock them out.