Security
Headlines
HeadlinesLatestCVEs

Tag

#apple

Ghost Tap: Hackers Exploiting NFCGate to Steal Funds via Mobile Payments

Threat actors are increasingly banking on a new technique that leverages near-field communication (NFC) to cash out victim's funds at scale. The technique, codenamed Ghost Tap by ThreatFabric, enables cybercriminals to cash-out money from stolen credit cards linked to mobile payment services such as Google Pay or Apple Pay and relaying NFC traffic. "Criminals can now misuse Google Pay and Apple

The Hacker News
#apple#google#The Hacker News
African Reliance on Foreign Suppliers Boosts Insecurity Concerns

Recent backdoor implants and cyber-espionage attacks on their supply chains have African organizations looking to diversify beyond Chinese, American tech vendors.

Apple Releases Urgent Updates to Patch Actively Exploited Zero-Day Vulnerabilities

Apple has released security updates for iOS, iPadOS, macOS, visionOS, and its Safari web browser to address two zero-day flaws that have come under active exploitation in the wild. The flaws are listed below - CVE-2024-44308 - A vulnerability in JavaScriptCore that could lead to arbitrary code execution when processing malicious web content CVE-2024-44309 - A cookie management vulnerability in

WhatsApp: NSO Group Operates Pegasus Spyware for Customers

Freshly released court documents reveal new details on controversial Israeli spyware firm's operations.

To Map Shadow IT, Follow Citizen Developers

The tangle of user-built tools is formidable to manage, but it can lead to a greater understanding of real-world business needs.

Bitfinex Hacker Gets 5 Years for $10 Billion Bitcoin Heist

Plus: An “AI granny” is wasting scammers’ time, a lawsuit goes after spyware-maker NSO Group’s executives, and North Korea–linked hackers take a crack at macOS malware.

ChatGPT Exposes Its Instructions, Knowledge & OS Files

According to Mozilla, users have a lot more power to manipulate ChatGPT than they might realize. OpenAI hopes those manipulations remain within a clearly delineated sandbox.

These 8 Apps on Google Play Store Contain Android/FakeApp Trojan

Eight Android apps on the Google Play Store, downloaded by millions, contain the Android.FakeApp trojan, stealing user data…

Lazarus Group Targets macOS with RustyAttr Trojan in Fake Job PDFs

Group-IB has uncovered Lazarus group’s stealthy new trojan and technique of hiding malicious code in extended attributes on…

Microsoft Power Pages Leak Millions of Private Records

Less-experienced users of Microsoft's website building platform may not understand all the implications of the access controls in its low- or no-code environment.