Security
Headlines
HeadlinesLatestCVEs

Tag

#apple

CVE-2023-33338: CVE-nu11secur1ty/vendors/ANUJ-KUMAR/Old-Age-Home-Management-2022-2023-1.0 at main · nu11secur1ty/CVE-nu11secur1ty

Old Age Home Management 1.0 is vulnerable to SQL Injection via the username parameter.

CVE
Open in Source
#sql#web#windows#apple#apache#php#chrome#webkit#ssl
Update now! Apple issues patches for three actively used zero-days

Categories: Exploits and vulnerabilities Categories: News Tags: Apple Tags: RSR Tags: CVE-2023-32409 Tags: CVE-2023-28204 Tags: CVE-2023-32373 Tags: out of bounds Tags: use after free Apple issued information about patches against three actively exploited zero-days in WebKit. One vulnerability is new, two were patched earlier this month. (Read more...) The post Update now! Apple issues patches for three actively used zero-days appeared first on Malwarebytes Labs.

Identity crisis: How an anti-porn crusade could jam the Internet, featuring Alec Muffett: Lock and Code S04E11

Categories: Podcast This week on Lock and Code, we speak with longtime security researcher about the eerily similar attempts across the globe to weaken the Internet to achieve one specific, social goal. (Read more...) The post Identity crisis: How an anti-porn crusade could jam the Internet, featuring Alec Muffett: Lock and Code S04E11 appeared first on Malwarebytes Labs.

The Real Risks in Google’s New .Zip and .Mov Domains

While the company’s new top-level domains could be used in phishing attacks, security researchers are divided on how big of a problem they really pose.

A TikTok ‘Car Theft’ Challenge Is Costing Hyundai $200 Million

Plus: The FBI gets busted abusing a spy tool, an ex-Apple engineer is charged with corporate espionage, and collection of airborne DNA raises new privacy risks.

Apple Patches 3 Zero-Days Possibly Already Exploited

In an advisory released by the company, Apple revealed patches for three previously unknown bugs it says may already have been used by attackers.

How You, or Anyone, Can Dodge Montana’s TikTok Ban

Montana’s TikTok ban will be impossible to enforce. But it could encourage copycat crackdowns against the social media app.

WebKit Under Attack: Apple Issues Emergency Patches for 3 New Zero-Day Vulnerabilities

Apple on Thursday rolled out security updates to iOS, iPadOS, macOS, tvOS, watchOS, and the Safari web browser to address three new zero-day flaws that it said are being actively exploited in the wild. The three security shortcomings are listed below - CVE-2023-32409 - A WebKit flaw that could be exploited by a malicious actor to break out of the Web Content sandbox. It was addressed with

WordPress Elementor Lite 5.7.1 Arbitrary Password Reset

On May 11 2023, Essential Addons for Elementor, a WordPress plugin with over one million active installations, released a patch for a critical vulnerability that made it possible for any unauthenticated user to reset arbitrary user passwords, including user accounts with administrative-level access. Versions 5.7.1 and below are affected.

Apple Thwarts $2 Billion in App Store Fraud, Rejects 1.7 Million App Submissions

Apple has announced that it prevented over $2 billion in potentially fraudulent transactions and rejected roughly 1.7 million app submissions for privacy and security violations in 2022. The computing giant said it terminated 428,000 developer accounts for potential fraudulent activity, blocked 105,000 fake developer account creations, and deactivated 282 million bogus customer accounts. It