Security
Headlines
HeadlinesLatestCVEs

Tag

#ios

GHSA-29cq-5w36-x7w3: Livewire is vulnerable to remote command execution during component property update hydration

### Impact In Livewire v3 (≤ 3.6.3), a vulnerability allows unauthenticated attackers to achieve remote command execution in specific scenarios. The issue stems from how certain component property updates are hydrated. This vulnerability is unique to Livewire v3 and does not affect prior major versions. Exploitation requires a component to be mounted and configured in a particular way, but does not require authentication or user interaction. ### Patches This issue has been patched in Livewire v3.6.4. All users are strongly encouraged to upgrade to this version or later as soon as possible. ### Workarounds There is no known workaround at this time. Users are strongly advised to upgrade to a patched version immediately. ### Resources No public references available at this time to avoid exposure. Details will be published after a responsible disclosure window.

ghsa
Open in Source
#vulnerability#ios#git#auth
How Secure Is Online Fax: Privacy and Data Protection Standards

When it comes to sharing sensitive documents online, security sits at the top of everyone’s checklist. Online faxing is…

Dating app scammer cons former US army colonel into leaking national secrets

A former US army colonel faces up to ten years in prison after revealing national secrets on a foreign dating app.

GHSA-4q2v-9p7v-3v22: Reactor Netty HTTP is vulnerable to credential leaks during chained redirects

In some specific scenarios with chained redirects, Reactor Netty HTTP client leaks credentials. In order for this to happen, the HTTP client must have been explicitly configured to follow redirects.

Cut Response Time with This Free, Powerful Threat Intelligence Service

Disclosure: This article was provided by ANY.RUN. The information and analysis presented are based on their research and findings.

AI 'Nudify' Websites Are Raking in Millions of Dollars

Millions of people are accessing harmful AI “nudify” websites. New analysis says the sites are making millions and rely on tech from US companies.

Your Simple Guide: How to Use Filmora’s Planar Tracker for Awesome Video Edits

Easily stick logos, text, or graphics onto moving surfaces with Filmora’s planar tracker. Just read this article to know how!

FBI Seizes Major Sites Sharing Unreleased and Pirated Video Games

FBI seizes top piracy sites leaking unreleased and pirated video games with millions of downloads and 170 million dollars in losses for developers and publishers.

No thanks: Google lets its Gemini AI access your apps, including messages

Google says it's Gemini AI will soon be able to access your messages, WhatsApp, and utilities on your phone. But we're struggling to see that as a good thing.

A message from Bruce the mechanical shark

This Fourth of July, Bruce, the 25-foot mechanical shark from Jaws, shares how his saltwater struggles mirror the need for real-world cybersecurity stress testing.