EXAM: Exploiting Exclusive System-Level Cache in Apple M-Series SoCs for Enhanced Cache Occupancy Attacks

Cache occupancy attacks exploit the shared nature of cache hierarchies to infer a victim's activities by monitoring overall cache usage, unlike access-driven cache attacks that focus on specific cache lines or sets. There exists some prior work that target the last-level cache LLC of Intel...

Creating a Windows Application Using Visual Studio Code, Cline, OpenRouter, and Claude

I just created a Windows 10/11 application that takes square screen captures. I did zero coding myself but used Visual Studio Code, Cline, OpenRouter, and Claude. I got the idea by watching a video on so-called Vibe programming by a YouTuber named Memory. I have zero Windows programming experienc...

January 28, 2025—KB5050081 (OS Build 19045.5440) Preview

January 28, 2025—KB5050081 OS Build 19045.5440 Preview 11/17/20 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 10, version 22H2, see its update history page. Note Follow...

Malicious Package

Overview zebo is a malicious package. This package steals information from the victim by logging keystrokes and taking screen captures, which are exfiltrated to a server under the attacker's control. Remediation Avoid using all malicious instances of the zebo package. References - Fortinet Report...

New Stealer Uses Invalid Cert To Compromise Systems

New Stealer Uses Invalid Cert To Compromise Systems By Mohinder Gill, Mallikarjun Wali and Sangram Mohapatro · November 07, 2024 A new Stealer has been making the rounds. Its name: Fickle. Fickle Stealer is a new Rust-based information stealer that spreads through various attack vectors, includin...

New Malware Campaign Uses PureCrypter Loader to Deliver DarkVision RAT

Cybersecurity researchers have disclosed a new malware campaign that leverages a malware loader named PureCrypter to deliver a commodity remote access trojan RAT called DarkVision RAT. The activity, observed by Zscaler ThreatLabz in July 2024, involves a multi-stage process to deliver the RAT...

Mattermost Desktop < 5.9.0 (Windows / Unix) (MMSA-2024-00372)

The version of Mattermost Desktop installed on the remote host is prior to 5.9.0. It is, therefore, affected by a vulnerability as referenced in the MMSA-2024-00372 advisory. - Mattermost versions 5.9.0 Mattermost Desktop app have a vulnerability in their screen capture functionality, allowing...

CVE-2024-44189

The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15. A logic issue existed where a process may be able to capture screen contents without user consent...

CVE-2024-44189

The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15. A logic issue existed where a process may be able to capture screen contents without user consent...

Apple macOS 安全漏洞

Apple macOS is a specialized operating system developed by Apple Inc. for Mac computers. A security vulnerability exists in Apple macOS version 15, which originates from a logical issue that could cause a process to capture screen content without the user's consent...

CVE-2024-44189

CVE-2024-44189 affects macOS WindowServer and relates to a logic issue where a process could capture screen contents without user consent. The public records indicate this was addressed with improved checks and that macOS Sequoia 15 includes the fix. The Red Hat and Apple advisories corroborate t...

CVE-2024-44189

The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15. A logic issue existed where a process may be able to capture screen contents without user consent...

CVE-2024-44189

The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15. A logic issue existed where a process may be able to capture screen contents without user consent...

GHSA-5777-RCJJ-9P22 Mattermost Desktop App fails to safeguard screen capture functionality

Mattermost Desktop App versions =5.8.0 fail to safeguard screen capture functionality which allows an attacker to silently capture high-quality screenshots via JavaScript APIs...

Mattermost Desktop App fails to safeguard screen capture functionality

Mattermost Desktop App versions =5.8.0 fail to safeguard screen capture functionality which allows an attacker to silently capture high-quality screenshots via JavaScript APIs...

CVE-2024-39772

Mattermost Desktop App versions =5.8.0 fail to safeguard screen capture functionality which allows an attacker to silently capture high-quality screenshots via JavaScript APIs...

CVE-2024-39772

Mattermost Desktop App versions =5.8.0 fail to safeguard screen capture functionality which allows an attacker to silently capture high-quality screenshots via JavaScript APIs...

CVE-2024-39772 Silent Desktop Screenshot Capture

Mattermost Desktop App versions =5.8.0 fail to safeguard screen capture functionality which allows an attacker to silently capture high-quality screenshots via JavaScript APIs...

Mattermost Desktop App 安全漏洞

Mattermost Desktop App is a messaging desktop application from Mattermost USA. A security vulnerability exists in Mattermost Desktop App version 5.8.0 and prior versions, which stems from a failure to protect the screen capture functionality. An attacker can exploit the vulnerability to silently...

PT-2024-31022 · Apple · Apple Macos

Name of the Vulnerable Software and Affected Versions: macOS versions prior to Sequoia 15 Description: A logic issue existed where a process may be able to capture screen contents without user consent. The issue was addressed with improved checks. Recommendations: For versions prior to macOS...