Lucene search
K

396 matches found

Packet Storm News
Packet Storm News
added 2025/04/16 12:0 a.m.3 views

I Know What You Bought Last Summer: Investigating User Data Leakage in E-Commerce Platforms

In the digital age, e-commerce has transformed the way consumers shop, offering convenience and accessibility. Nevertheless, concerns about the privacy and security of personal information shared on these platforms have risen. In this work, we investigate user privacy violations, noting the risks...

6.7AI score
Exploits0
RedHat Linux
RedHat Linux
added 2025/03/05 8:59 p.m.19 views

Important: Red Hat Security Advisory: Streams for Apache Kafka 2.9.0 release and security update

Streams for Apache Kafka 2.9.0 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.5CVSS7AI score0.01414EPSS
Exploits1References8
Malwarebytes
Malwarebytes
added 2025/02/24 8:17 a.m.7 views

A week in security (February 17 – February 23)

Last week on Malwarebytes Labs: Healthcare security lapses keep piling up SecTopRAT bundled in Chrome installer distributed via Google Ads Google Docs used by infostealer ACRStealer as part of attack DeepSeek found to be sharing user data with TikTok parent company ByteDance Malwarebytes introduc...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/02/20 2:23 p.m.13 views

DeepSeek found to be sharing user data with TikTok parent company ByteDance

A couple of weeks ago we reported on the concerns surrounding data collection and security at DeepSeek, the Chinese AI company which recently made headlines for shaking up the industry after seemingly appearing from nowhere to become top of the app download charts. Now South Korea’s Personal...

6.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/02/17 8:12 a.m.7 views

A week in security (February 10 – February 16)

Last week on Malwarebytes Labs: A suicide reveals the lonely side of AI chatbots, with Courtney Brown Lock and Code S06E03 Apple ordered to grant access to users’ encrypted data Phishing evolves beyond email to become latest Android app threat Apple fixes zero-day vulnerability used in "extremely...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/02/12 11:30 a.m.8 views

Gambling firms are secretly sharing your data with Facebook

While you might think you’re hitting the jackpot, whether you’ve consented to it or not, online gambling sites are playing with your data. Users’ data, including details of webpages they visited and buttons they clicked, are being shared with Meta, Facebook’s parent company. The Observer reports...

7.6AI score
Exploits0
Circl
Circl
added 2024/12/16 7:2 p.m.15 views

CVE-2024-10095

creationtimestamp| type| source ---|---|--- 2024-12-16 19:02:42+00:00| seen| https://t.me/cvedetector/13024 2025-04-21 04:24:57+00:00| seen| https://t.me/CyberBulletin/10648 2025-04-21 06:24:57+00:00| seen| https://t.me/CyberBulletin/3086 2025-08-09 13:26:56+00:00| seen|...

9.8CVSS4.8AI score0.00743EPSS
Exploits0References3
OSV
OSV
added 2024/12/03 6:15 a.m.3 views

CVE-2024-49416

Use of implicit intent for sensitive communication in SmartThings prior to version 1.8.21 allows local attackers to get sensitive information...

5.5CVSS5.8AI score0.00134EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2024/11/06 6:58 a.m.11 views

South Korea Fines Meta $15.67M for Illegally Sharing Sensitive User Data with Advertisers

Meta has been fined 21.62 billion won $15.67 million by South Korea's data privacy watchdog for illegally collecting sensitive personal information from Facebook users, including data about their political views and sexual orientation, and sharing it with advertisers without their consent. The...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/10/28 9:28 a.m.11 views

A week in security (October 21 – October 27)

Last week on Malwarebytes Labs: 100 million US citizens officially impacted by Change Healthcare data breach Pinterest tracks users without consent, alleges complaint After concerns of handing Facebook taxpayer info, four companies found to have improperly shared data LinkedIn bots and spear...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/10/23 4:30 p.m.7 views

After concerns of handing Facebook taxpayer info, four companies found to have improperly shared data

Four tax preparation software companies failed to comply with government rules that require the sharing of tax-related info to be done only with specific disclosures and full tax-payer consent, according to an audit released by the Treasure Inspector General for Tax Administration TIGTA in the...

6.9AI score
Exploits0
Spring Security Advisories
Spring Security Advisories
added 2024/08/29 12:0 a.m.17 views

Spring Boot CDS support and Project Leyden anticipation

How can Spring Boot developers improve the runtime efficiency of their applications with minimal constraints in order to enjoy those benefits on most applications? The answer is the CDS support introduced by Spring Boot 3.3 which allows you to start your Spring Boot applications faster and consum...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/07/29 3:24 p.m.9 views

US senators ask FTC to investigate car makers’ privacy practices

An ongoing US Senate investigation indicated that connected car makers violate consumer privacy by sharing and selling drivers’ data, including their location, on a vast scale, and that the same car makers often obtain consumer consent through deception. Based on this investigation, senators have...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/07/15 8:1 a.m.14 views

A week in security (July 8 – July 14)

Last week on Malwarebytes Labs: "Nearly all" AT&T customers had phone records stolen in new data breach disclosure Fake Microsoft Teams for Mac delivers Atomic Stealer Dangerous monitoring tool mSpy suffers data breach, exposes customer details iPhone users in 98 countries warned about spyware by...

7.1AI score
Exploits0
Cvelist
Cvelist
added 2024/06/25 12:0 a.m.34 views

CVE-2024-37742

Insecure Access Control in Safe Exam Browser SEB = 3.5.0 on Windows. The vulnerability allows an attacker to share clipboard data between the SEB kiosk mode and the underlying system, compromising exam integrity. By exploiting this flaw, an attacker can bypass exam controls and gain an unfair...

0.00507EPSS
Exploits4References2
HackRead
HackRead
added 2024/06/18 4:10 p.m.17 views

Internet Computer Protocol Launches Walletless Verified Credentials for Public Trust

Internet Computer Protocol ICP introduces Verified Credentials VCs, a walletless solution enhancing data sharing privacy. Unveiled at DICE 2024, VCs help combat bots and fake accounts on social media, ensuring secure and efficient verification...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/06/14 1:21 p.m.18 views

Google's Privacy Sandbox Accused of User Tracking by Austrian Non-Profit

Google's plans to deprecate third-party tracking cookies in its Chrome web browser with Privacy Sandbox has run into fresh trouble after Austrian privacy non-profit noyb none of your business said the feature can still be used to track users. "While the so-called 'Privacy Sandbox' is advertised a...

6.8AI score
Exploits0
Qualys Blog
Qualys Blog
added 2024/05/09 4:0 p.m.20 views

How to Create Collaboration and Shared Goals with IT and Security Teams

In today’s ITSM landscape, merging IT operations and security practices is no longer “ideal”, but imperative. According to a recent Gartner® Board of Directors Survey 1, 88% of respondents indicated that their organization perceives cybersecurity as a business risk. This was up from 58% in 2016,...

7.4AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2024/05/01 6:0 p.m.10 views

“Dirty stream” attack: Discovering and mitigating a common vulnerability pattern in Android apps

Microsoft discovered a path traversal-affiliated vulnerability pattern in multiple popular Android applications that could enable a malicious application to overwrite files in the vulnerable application’s home directory. The implications of this vulnerability pattern include arbitrary code...

7.5AI score
Exploits0
Wired Threat Level
Wired Threat Level
added 2024/04/24 10:0 a.m.10 views

ShotSpotter Keeps Listening for Gunfire After Contracts Expire

Internal emails suggest that the company continued to provide gunshot data to police in cities where its contracts had been canceled...

7.2AI score
Exploits0
Rows per page
Query Builder