Security
Headlines
HeadlinesLatestCVEs

Tag

#apple

First Mobile Crypto Drainer on Google Play Steals $70K from Users

A malicious app disguised as a legitimate WalletConnect tool targeted mobile users on Google Play. The app stole…

HackRead
#web#android#apple#google#git
Transport, Logistics Orgs Hit by Stealthy Phishing Gambit

Companies in this industry vertical tend toward large financial transactions with partners, suppliers, and customers.

'SloppyLemming' APT Abuses Cloudflare Service in Pakistan Attacks

Who needs advanced malware when you can take advantage of a bunch of OSS tools and free cloud services to compromise your target?

Sophisticated RAT Hides Behind P. Diddy Scandal Lures

The advanced Python-based PysSilon malware can steal data, record keystrokes, and execute remote commands. The attackers behind it are promising to leak details of deleted X posts related to accused rapper and music producer Sean Combs.

Mozilla Faces Privacy Complaint for Enabling Tracking in Firefox Without User Consent

Vienna-based privacy non-profit noyb (short for None Of Your Business) has filed a complaint with the Austrian data protection authority (DPA) against Firefox maker Mozilla for enabling a new feature called Privacy Preserving Attribution (PPA) without explicitly seeking users' consent. "Contrary to its reassuring name, this technology allows Firefox to track user behavior on websites," noyb said

PDiddySploit Malware Hidden in Files Claiming to Reveal Deleted Diddy Posts

Cybercriminals are exploiting the ongoing Sean “Diddy” Combs scandal by spreading the new PDiddySploit malware hidden in infected…

Kansas Water Plant Pivots to Analog After Cyber Event

A water treatment facility in a small city took serious precautions to prevent any bad outcomes from a hazy cyber incident.

Apple iOS 17.2.1 Screen Time Passcode Retrieval / Mitigation Bypass

A mitigation bypass / privilege escalation flaw has been discovered in Apple's iOS Screen Time functionality, granting one access to modify the restrictions. It allows a local attacker to acquire the Screen Time Passcode by bypassing the anti-bruteforce protections on the four-digit Passcode, and in consequence gaining total control over Screen Time (Parental Control) settings. Version 17.2.1 is affected.