Security
Headlines
HeadlinesLatestCVEs

Tag

#apple

CVE-2021-40940: Monstra 3.0.4 case without filtering leads to unrestricted file upload vulnerability · Issue #471 · monstra-cms/monstra

Monstra 3.0.4 does not filter the case of php, which leads to an unrestricted file upload vulnerability.

CVE
#csrf#vulnerability#web#apple#ubuntu#linux#apache#php#chrome#webkit
Firefox stops advertisers tracking you as you browse, calls itself the most “private and secure major browser”

Mozilla has launched its Total Cookie Protection addition to Firefox for users worldwide. What does it do? The post Firefox stops advertisers tracking you as you browse, calls itself the most “private and secure major browser” appeared first on Malwarebytes Labs.

24+ Billion Credentials Circulating on the Dark Web in 2022 — So Far

Username and password combinations offered for sale on the Dark Web by criminals has increased 65% since 2020.

Travel-related Cybercrime Takes Off as Industry Rebounds

Upsurge in the tourism industry after the COVID-19 pandemic grabs the attention of cybercriminals to scam the tourists.

CVE-2022-2087: webray.com.cn/phpbankxss.md at main · joinia/webray.com.cn

A vulnerability, which was classified as problematic, was found in SourceCodester Bank Management System 1.0. This affects the file /mnotice.php?id=2. The manipulation of the argument notice with the input <script>alert(1)</script> leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

CVE-2022-2086: webray.com.cn/phpbanksql.md at main · joinia/webray.com.cn

A vulnerability, which was classified as critical, has been found in SourceCodester Bank Management System 1.0. Affected by this issue is login.php. The manipulation of the argument password with the input 1'and 1=2 union select 1,sleep(10),3,4,5 --+ leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

CVE-2021-41413: GitHub - brackeen/ok-file-formats: Decoders for PNG, JPEG, WAV, and a few other file formats

ok-file-formats master 2021-9-12 is affected by a buffer overflow in ok_jpg_convert_data_unit_grayscale and ok_jpg_convert_YCbCr_to_RGB.

Hackers Using Web3 Backdoor Wallets to Steal Seed Phrases from iOS/Android Users

By Deeba Ahmed A Chinese-speaking, technically skilled threat actor distributes backdoored applications to extract cash from victims in the newly discovered… This is a post from HackRead.com Read the original post: Hackers Using Web3 Backdoor Wallets to Steal Seed Phrases from iOS/Android Users

Don’t panic! “Unpatchable” Mac vulnerability discovered

Researchers at MIT have published details about an attack that uses a flaw in the M1 security feature pointer authentication codes. The post Don’t panic! “Unpatchable” Mac vulnerability discovered appeared first on Malwarebytes Labs.