#ios

By Uzair Amir Mathilda Studios Partners with Upland to Introduce Guntech 2.5 into Upland’s Web3 Gaming Platform with +10 Locations and… This is a post from HackRead.com Read the original post: Guntech 2.5 to Launch in Upland’s Gaming Ecosystem

### **Summary** A vulnerability has been found in Dapr that causes a leak of the application token of the invoker app to the invoked app when using Dapr as a gRPC proxy for remote service invocation. This issue arises because Dapr sends the app token of the invoker app instead of the app token of the invoked app. Users who leverage Dapr for gRPC proxy service invocation and are using the app API token feature are encouraged to upgrade Dapr to version [1.13.3](https://github.com/dapr/dapr/releases/tag/v1.13.3). ### Impact This vulnerability impacts Dapr users who use Dapr as a gRPC proxy for remote service invocation as well as the [Dapr App API token](https://docs.dapr.io/operations/security/app-api-token/) functionality. An attacker could exploit this vulnerability to gain access to the app token of the invoker app, potentially compromising security and authentication mechanisms. ### Patches The issue has been fixed in Dapr version [1.13.3](https://github.com/dapr/dapr/releases/...

By Waqas Be cautious! Hackers are selling fake Pegasus spyware source code, alerts CloudSEK. Learn how to protect yourself from… This is a post from HackRead.com Read the original post: Hackers Sell Fake Pegasus Spyware on Clearnet and Dark Web

By Deeba Ahmed Your Zoom meetings are now more secure than ever! This is a post from HackRead.com Read the original post: Zoom Announces Advanced Encryption for Increased Meeting Security

Apple and the satellite-based broadband service Starlink each recently took steps to address new research into the potential security and privacy implications of how their services geo-locate devices. Researchers from the University of Maryland say they relied on publicly available data from Apple to track the location of billions of devices globally -- including non-Apple devices like Starlink systems -- and found they could use this data to monitor the destruction of Gaza, as well as the movements and in many cases identities of Russian and Ukrainian troops.

### Summary Servers based on aiosmtpd accept extra unencrypted commands after STARTTLS, treating them as if they came from inside the encrypted connection. This could be exploited by a MitM attack. ### References * [NO STARTTLS: Similar vulnerabilities discovered by previous researchers.](https://nostarttls.secvuln.info/)

Last week on Malwarebytes Labs: Last week on ThreatDown: Stay safe!

By Uzair Amir Discover time-saving document merging strategies for professionals. Learn how to streamline workflows, enhance collaboration, and protect document integrity for increased productivity and peace of mind. This is a post from HackRead.com Read the original post: Efficient Document Merging Strategies for Professionals

Here’s a rundown of some things you may have missed if you weren’t able to stay on top of the things coming out of the conference.

iOS users are reporting that photos they had deleted long ago suddenly showed up again after this week's 17.5 update.