Security
Headlines
HeadlinesLatestCVEs

Tag

#ios

GHSA-7r2v-8wxr-3ch5: Yii does not prevent XSS in scenarios where fallback error renderer is used

### Impact Affected versions of yiisoft/yii are vulnerable to Reflected XSS in specific scenarios where the fallback error renderer is used. ### Patches Upgrade yiisoft/yii to version 1.1.31 or higher. ### References - [Git commit](https://github.com/yiisoft/yii/commit/d386d737861c9014269b7ed8c36c65eadb387368) If you have any questions or comments about this advisory, [contact us through security form](https://www.yiiframework.com/security).

ghsa
#xss#vulnerability#ios#git#auth
Sex-Fantasy Chatbots Are Leaking a Constant Stream of Explicit Messages

Some misconfigured AI chatbots are pushing people’s chats to the open web—revealing sexual prompts and conversations that include descriptions of child sexual abuse.

SpyNote, BadBazaar, MOONSHINE Malware Target Android and iOS Users via Fake Apps

Cybersecurity researchers have found that threat actors are setting up deceptive websites hosted on newly registered domains to deliver a known Android malware called SpyNote. These bogus websites masquerade as Google Play Store install pages for apps like the Chrome web browser, indicating an attempt to deceive unsuspecting users into installing the malware instead. "The threat actor utilized a

WhatsApp for Windows vulnerable to attacks. Update now!

If you use WhatsApp for Windows, you'll want to make sure you're on the latest version.

Patch Tuesday, April 2025 Edition

Microsoft today released updates to plug at least 121 security holes in its Windows operating systems and software, including one vulnerability that is already being exploited in the wild. Eleven of those flaws earned Microsoft's most-dire "critical" rating, meaning malware or malcontents could exploit them with little to no interaction from Windows users.

Google fixes two actively exploited zero-day vulnerabilities in Android

Google has issued patches for 62 vulnerabilities in Android, including two actively exploited zero-days.

Toll fee scams are back and heading your way

Heavy incoming traffic: A new wave of toll fee scams are sweeping America.

Top Crypto Wallets of 2025: Balancing Security and Convenience

Crypto software wallets are invincible in the micro range. If you own multiple crypto assets, you need safe and reliable wallets, too.

Flaw in Verizon call record requests put millions of Americans at risk

A security researcher found a flaw in Verizon call record requests that may have put millions of Americans at risk