Security
Headlines
HeadlinesLatestCVEs

Tag

#apple

Apple Security Advisory 2022-07-20-3

Apple Security Advisory 2022-07-20-3 - macOS Big Sur 11.6.8 addresses code execution, information leakage, null pointer, out of bounds read, and out of bounds write vulnerabilities.

Packet Storm
Open in Source
#vulnerability#web#mac#windows#apple#dos#git#intel#auth#wifi
Apple Security Advisory 2022-07-20-2

Apple Security Advisory 2022-07-20-2 - macOS Monterey 12.5 addresses bypass, code execution, information leakage, null pointer, out of bounds read, out of bounds write, and spoofing vulnerabilities.

Apple Security Advisory 2022-07-20-1

Apple Security Advisory 2022-07-20-1 - iOS 15.6 and iPadOS 15.6 addresses buffer overflow, bypass, code execution, information leakage, null pointer, out of bounds read, out of bounds write, and spoofing vulnerabilities.

Israeli Spyware Vendor Uses Chrome 0day to Target Journalists

By Deeba Ahmed The spyware vendor Candiru used the Chrome zero-day in March 2022 to target journalists and other unsuspected victims… This is a post from HackRead.com Read the original post: Israeli Spyware Vendor Uses Chrome 0day to Target Journalists

Google Bringing the Android App Permissions Section Back to the Play Store

Google on Thursday said it's backtracking on a recent change that removed the app permissions list from the Google Play Store for Android across both the mobile app and the web. "Privacy and transparency are core values in the Android community," the Android Developers team said in a series of tweets. "We heard your feedback that you find the app permissions section in Google Play useful, and

Candiru Spyware Caught Exploiting Google Chrome Zero-Day to Target Journalists

The actively exploited but now-fixed Google Chrome zero-day flaw that came to light earlier this month was weaponized by an Israeli spyware company and used in attacks targeting journalists in the Middle East. Czech cybersecurity firm Avast linked the exploitation to Candiru (aka Saito Tech), which has a history of leveraging previously unknown flaws to deploy a Windows malware dubbed

Mysterious, Cloud-Enabled macOS Spyware Blows Onto the Scene

The CloudMensis spyware, which can lift reams of sensitive information from Apple machines, is the first Mac malware observed to exclusively rely on cloud storage for C2 activities.

CVE-2022-31475: GiveWP – Donation Plugin and Fundraising Platform

Authenticated (custom plugin role) Arbitrary File Read via Export function vulnerability in GiveWP's GiveWP plugin <= 2.20.2 at WordPress.

The Wren Eleanor story: Why you should keep your kids off social media

A 3-year old TikTok influencer has got parents talking about how to keep images of their kids away from online creeps. The post The Wren Eleanor story: Why you should keep your kids off social media appeared first on Malwarebytes Labs.

Apple Releases Security Patches for all Devices Fixing Dozens of New Vulnerabilities

Apple on Wednesday rolled out software fixes for iOS, iPadOS, macOS, tvOS, and watchOS to address a number of security flaws affecting its platforms. This includes at least 37 flaws spanning different components in iOS and macOS that range from privilege escalation to arbitrary code execution and from information disclosure to denial-of-service (DoS). Chief among them is