Aggregator
New variant of Necro Trojan infected more than 11 million devices
11 months 1 week ago
Experts warn of Necro Trojan found in Google Play; threat actors are spreading it through fake versions of legitimate Android apps. Researchers from Kaspersky discovered a new version of the Necro Trojan in multiple apps uploaded to the Google Play store. The malware was hidden in popular applications and game mods. Kaspersky researchers first spotted […]
Pierluigi Paganini
CVE-2007-3811 | eSyndiCat Esyndicat Directory 1.6 news.php name sql injection (EDB-4183 / XFDB-35427)
11 months 1 week ago
A vulnerability classified as critical was found in eSyndiCat Esyndicat Directory 1.6. This vulnerability affects unknown code of the file news.php. The manipulation of the argument name leads to SQL injection.
This vulnerability was named CVE-2007-3811. The attack can be initiated remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2007-3812 | CMScout 1.23 forums.php f sql injection (EDB-4182 / XFDB-35393)
11 months 1 week ago
A vulnerability, which was classified as critical, has been found in CMScout 1.23. This issue affects some unknown processing of the file forums.php. The manipulation of the argument f leads to SQL injection.
The identification of this vulnerability is CVE-2007-3812. The attack may be initiated remotely. Furthermore, there is an exploit available.
vuldb.com
Mozilla accused of tracking users in Firefox without consent
11 months 1 week ago
European digital rights group NOYB (None Of Your Business) has filed a privacy complaint with the Austrian data protection watchdog (DSB) against Mozilla, alleging the company uses a Firefox privacy feature (enabled without consent) to track users' online behavior. [...]
Sergiu Gatlan
CVE-2007-3806 | PHP 5.2.3 glob resource management (EDB-4181 / Nessus ID 32306)
11 months 1 week ago
A vulnerability was found in PHP 5.2.3. It has been rated as problematic. This issue affects the function glob. The manipulation leads to improper resource management.
The identification of this vulnerability is CVE-2007-3806. The attack needs to be initiated within the local network. Furthermore, there is an exploit available.
It is recommended to disable the affected component.
vuldb.com
Meta halts routing via Deutsche Telekom over €20M peering fee
11 months 1 week ago
Meta announced that it's ending its direct peering relationship with Deutsche Telekom following a court's ruling earlier this year that would oblige the tech firm to pay the telecom €20,000,000 to continue using its network. [...]
Bill Toulas
Expert Tips on How to Spot a Phishing Link
11 months 1 week ago
Phishing attacks are becoming more advanced and harder to detect, but there are still telltale sign
CVE-2007-1471 | Orion-Blog 2.0 Remote Code Execution (EDB-3481 / OSVDB-35039)
11 months 1 week ago
A vulnerability, which was classified as critical, has been found in Orion-Blog 2.0. This issue affects some unknown processing. The manipulation leads to Remote Code Execution.
The identification of this vulnerability is CVE-2007-1471. The attack may be initiated remotely. Furthermore, there is an exploit available.
vuldb.com
R2Con 2024: radare2 conference is back this year!
11 months 1 week ago
CVE-2023-29849 | Bang Resto 1.0 sql injection (Issue 171900 / EDB-51378)
11 months 1 week ago
A vulnerability, which was classified as critical, has been found in Bang Resto 1.0. Affected by this issue is some unknown functionality. The manipulation of the argument btnMenuItemID/itemID/itemPrice/menuID/staffID/itemqty leads to SQL injection.
This vulnerability is handled as CVE-2023-29849. Access to the local network is required for this attack. Furthermore, there is an exploit available.
vuldb.com
CVE-2016-6225 | Percona XtraBackup up to 2.3.5/2.4.4 xbcrypt inadequate encryption (FEDORA-2017-6382ea8d57 / Nessus ID 96935)
11 months 1 week ago
A vulnerability was found in Percona XtraBackup up to 2.3.5/2.4.4 and classified as critical. Affected by this issue is some unknown functionality of the component xbcrypt. The manipulation leads to inadequate encryption strength.
This vulnerability is handled as CVE-2016-6225. The attack may be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
Red Teaming in the age of EDR: Evasion of Endpoint Detection Through Malware Virtualisation
11 months 1 week ago
Authors: Boudewijn Meijer && Rick Veldhoven. Introduction: As defensive security products im
RansomHub Genius Tries To Put The Squeeze On Delaware Libraries
11 months 1 week ago
From Quantum Physics to "Ant-Man": The Amazing Story of a Scientific Breakthrough
11 months 1 week ago
A physical explanation of the fantastical world of superheroes.
AI-Generated Malware Found In The Wild
11 months 1 week ago
Cyberattack On Kansas Water Treatment Facility Investigated By Feds
11 months 1 week ago
CVE-2016-6254 | collectd up to 5.4.2/5.5.1 network.c parse_packet memory corruption (Nessus ID 92813 / ID 350922)
11 months 1 week ago
A vulnerability was found in collectd up to 5.4.2/5.5.1 and classified as critical. This issue affects the function parse_packet of the file network.c. The manipulation leads to memory corruption.
The identification of this vulnerability is CVE-2016-6254. The attack may be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2014-7017 | Tim Ban Bon Phuong 2.2 X.509 Certificate cryptographic issues (VU#582497)
11 months 1 week ago
A vulnerability has been found in Tim Ban Bon Phuong 2.2 and classified as critical. Affected by this vulnerability is an unknown functionality of the component X.509 Certificate Handler. The manipulation leads to cryptographic issues.
This vulnerability is known as CVE-2014-7017. Access to the local network is required for this attack. There is no exploit available.
vuldb.com
CVE-2024-28987: SolarWinds Web Help Desk Hardcoded Credential Vulnerability Deep-Dive
11 months 1 week ago
On August 13, 2024, SolarWinds released a security advisory for Web Help De