Security
Headlines
HeadlinesLatestCVEs

Tag

#android

Update now! Microsoft fixes two zero-days on February Patch Tuesday

Microsoft has issued patches for 73 security vulnerabilities in its February 2024 Patch Tuesday.

Malwarebytes
Open in Source
#vulnerability#web#android#windows#microsoft#rce#auth#zero_day#sap
How are attackers using QR codes in phishing emails and lure documents?

QR code attacks are particularly dangerous because they move the attack vector off a protected computer and onto the target’s personal mobile device, which usually has fewer security protections in place and ultimately has the sensitive information that attackers are after.

‘AI Girlfriends’ Are a Privacy Nightmare

Romantic chatbots collect huge amounts of data, provide vague information about how they use it, use weak password protections, and aren’t transparent, new research from Mozilla says.

TheTruthSpy stalkerware, still insecure, still leaking data

Stalkerware app TheTruthSpy has been hacked for the fourth time, once again leaking the sensitive data it captures.

Stalkerware App “TheTruthSpy” Hacked Again, 50,000 Device Data Stolen

By Waqas The infamous stalkerware app was hacked by SiegedSec and ByteMeCrew, who shared the data with Switzerland-based hacker Maia Arson Crimew. This is a post from HackRead.com Read the original post: Stalkerware App “TheTruthSpy” Hacked Again, 50,000 Device Data Stolen

CVE-2024-21374: Microsoft Teams for Android Information Disclosure

**According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is information disclosure?** The attack itself is carried out locally. For example, when the score indicates that the **Attack Vector** is **Local** (AV:L) and **User Interaction** is **Required** (UI:R), this could describe an exploit in which an attacker, through social engineering, convinces a victim to download and run a malicious application. This could lead to a local attack on the user's device which could leak data.

QR Code Scam: Fake Voicemails Target Users, 1000 Attacks in 14 Days

By Deeba Ahmed Fake Voicemail Phishing on the Rise: Check Point Reveals How Hackers are Exploiting Corporate Phone Systems. This is a post from HackRead.com Read the original post: QR Code Scam: Fake Voicemails Target Users, 1000 Attacks in 14 Days

MoqHao Android Malware Evolves with Auto-Execution Capability

Threat hunters have identified a new variant of Android malware called MoqHao that automatically executes on infected devices without requiring any user interaction. "Typical MoqHao requires users to install and launch the app to get their desired purpose, but this new variant requires no execution," McAfee Labs said in a report published this week. "While the app is

Over 800 Phony “Temu” Domains Lure Shoppers into Credential Theft

By Deeba Ahmed Blank Image, Fake Link: Unraveling the Temu Phishing Scam Targeting Senior Shoppers! This is a post from HackRead.com Read the original post: Over 800 Phony “Temu” Domains Lure Shoppers into Credential Theft

Fake LastPass Password Manager App Lurks on iOS App Store

By Waqas Remember, it is LastPass Password Manager, not LassPass Password Manager! This is a post from HackRead.com Read the original post: Fake LastPass Password Manager App Lurks on iOS App Store