125 matches found
EUVD-2025-14772
Malicious code in bioql PyPI...
EUVD-2025-13481
Malicious code in bioql PyPI...
PT-2025-37917
Name of the Vulnerable Software and Affected Versions: Sparkle framework versions prior to 2.7.2 Description: The Sparkle framework includes an XPC service, Downloader.xpc, which is, by default, private to the application it is bundled with. A local, unprivileged attacker can register this XPC...
Instagram Map: What is it and how do I control it?
Instagram Map is a new feature—for Instagram, anyway—that users may have enabled without being fully aware of the consequences. The Map feature launched in the US on August 6, 2025, and is reportedly planned for a global rollout "soon." As of mid-August 2025, not all users outside the US,...
Data Brokers Face New Pressure for Hiding Opt-Out Pages From Google
After reporters found dozens of firms hiding privacy tools from search results, US senator Maggie Hassan insists the companies explain their practices—and pledge to improve access to privacy controls...
CVE-2025-8672
MacOS version of GIMP bundles a Python interpreter that inherits the Transparency, Consent, and Control TCC permissions granted by the user to the main application bundle. An attacker with local user access can invoke this interpreter with arbitrary commands or scripts, leveraging the application...
PT-2025-32540 · Gimp · Gimp
Name of the Vulnerable Software and Affected Versions: GIMP versions prior to 3.1.4.2 Description: The MacOS version of GIMP includes a Python interpreter that inherits Transparency, Consent, and Control TCC permissions granted to the main application. An attacker with local access can use this...
macOS Sploitlight Flaw Exposes Apple Intelligence-Cached Data to Attackers
macOS flaw dubbed Sploitlight allows attackers to access Apple Intelligence-cached data by abusing Spotlight plugins, bypassing privacy controls...
Unveiling Usability Challenges in Web Privacy Controls
With the increasing concerns around privacy and the enforcement of data privacy laws, many websites now provide users with privacy controls. However, locating these controls can be challenging, as they are frequently hidden within multiple settings and layers. Moreover, the lack of standardizatio...
"Is It Always Watching? Is It Always Listening?" Exploring Contextual Privacy and Security Concerns toward Domestic Social Robots
Equipped with artificial intelligence AI and advanced sensing capabilities, social robots are gaining interest among consumers in the United States. These robots seem like a natural evolution of traditional smart home devices. However, their extensive data collection capabilities, anthropomorphic...
Layered, Overlapping, and Inconsistent: a Large-Scale Analysis of the Multiple Privacy Policies and Controls of U.S. Banks
Whitepaper called Layered, Overlapping, And Inconsistent: A Large-Scale Analysis Of The Multiple Privacy Policies And Controls Of U.S. Banks...
CVE-2025-24134
An information disclosure issue was addressed with improved privacy controls. This issue is fixed in macOS Sequoia 15.3. An app may be able to access user-sensitive data...
CVE-2020-11037
In Wagtail before versions 2.7.3 and 2.8.2, a potential timing attack exists on pages or documents that have been protected with a shared password through Wagtail's "Privacy" controls. This password check is performed through a character-by-character string comparison, and so an attacker who is...
CVE-2025-31250
An information disclosure issue was addressed with improved privacy controls. This issue is fixed in macOS Sequoia 15.5. An app may be able to access sensitive user data...
CVE-2025-31236
An information disclosure issue was addressed with improved privacy controls. This issue is fixed in macOS Sequoia 15.5. An app may be able to access sensitive user data...
CVE-2025-31250
An information disclosure issue was addressed with improved privacy controls. This issue is fixed in macOS Sequoia 15.5. An app may be able to access sensitive user data...
CVE-2025-31250
An information disclosure issue was addressed with improved privacy controls. This issue is fixed in macOS Sequoia 15.5. An app may be able to access sensitive user data...
CVE-2025-31236
An information disclosure issue was addressed with improved privacy controls. This issue is fixed in macOS Sequoia 15.5. An app may be able to access sensitive user data...
CVE-2025-31236
An information disclosure issue was addressed with improved privacy controls. This issue is fixed in macOS Sequoia 15.5. An app may be able to access sensitive user data...
CVE-2025-31236
An information disclosure issue was addressed with improved privacy controls. This issue is fixed in macOS Sequoia 15.5. An app may be able to access sensitive user data...