Lucene search
K

74 matches found

EUVD
EUVD
added 2026/05/13 4:26 a.m.7 views

EUVD-2025-209819

The Broadstreet plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the createadvertiser AJAX action in all versions up to, and including, 1.53.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to create...

4.3CVSS5.8AI score0.00158EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2026/02/27 7:56 a.m.9 views

Meta Files Lawsuits Against Brazil, China, Vietnam Advertisers Over Celeb-Bait Scams

Meta on Thursday said it's taking legal action to tackle scams on its platforms by filing lawsuits against what it calls deceptive advertisers based in Brazil, China, and Vietnam. As part of the effort, the advertisers' methods of payment have been suspended, related accounts have been disabled,...

6AI score
Exploits0
Hacker One
Hacker One
added 2025/10/26 7:51 p.m.11 views

Revive Adserver: Stored XSS in Conversion Statistics via Tracker Name

I found stored XSS on the conversion statistics page. Advertisers can inject malicious JavaScript through tracker names, which executes when admins view conversion reports www/admin/stats-conversions.php:356. I was able to steal admin session cookies using this vulnerability. This is a privilege...

8.7CVSS6.6AI score0.00445EPSS
Exploits1
Malwarebytes
Malwarebytes
added 2025/10/16 10:20 a.m.9 views

Roku accused of selling children’s data to advertisers and brokers

The state of Florida has accused Roku, which powers many smart TVs and streaming devices, of selling children's data to third parties without their consent. According to the Florida Attorney General James Uthmeier, Roku collected viewing habits, voice recordings, and precise geolocation from kids...

6.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/01/30 3:56 p.m.12 views

Microsoft advertisers phished via malicious Google ads

Just days after we uncovered a campaign targeting Google Ads accounts, a similar attack has surfaced, this time aimed at Microsoft advertisers. These malicious ads, appearing on Google Search, are designed to steal the login information of users trying to access Microsoft's advertising platform...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/12/03 6:42 p.m.12 views

Repeat offenders drive bulk of tech support scams via Google Ads

Of all the different kinds of malicious search ads we track, those related to customer service are by far the most common. Brands such as PayPal, eBay, Apple or Netflix are among the most coveted ones as they tend to drive a lot of online searches. Tech support scammers are leveraging Google ads ...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/11/06 6:58 a.m.11 views

South Korea Fines Meta $15.67M for Illegally Sharing Sensitive User Data with Advertisers

Meta has been fined 21.62 billion won $15.67 million by South Korea's data privacy watchdog for illegally collecting sensitive personal information from Facebook users, including data about their political views and sexual orientation, and sharing it with advertisers without their consent. The...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/06/28 3:0 a.m.14 views

Why blocking ads is good for your digital health

Online content is largely powered and paid for by advertising. Almost every site you visit, every forum you browse, and even the online stores you buy things from is an advert extravaganza, and they dont just stop at showing cool offers for shirts at 50% off. The scaffolding the adverts sit on go...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/04/10 8:15 a.m.24 views

How the cops buy a "God view" of your location data, with Bennett Cyphers: Lock and Code S04E09

The list of people and organizations that are hungry for your location data--collected so routinely and packaged so conveniently that it can easily reveal where you live, where you work, where you shop, pray, eat, and relax--includes many of the usual suspects. Advertisers, obviously, want to sen...

6.5AI score
Exploits0
Krebs on Security
Krebs on Security
added 2021/12/29 9:32 p.m.25 views

Happy 12th Birthday, KrebsOnSecurity.com!

KrebsOnSecurity.com celebrates its 12th anniversary today! Maybe "celebrate" is too indelicate a word for a year wracked by the global pandemics of COVID-19 and ransomware. Especially since stories about both have helped to grow the audience here tremendously in 2021. But this sites birthday also...

6.8AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2021/08/06 12:0 a.m.24 views

This Week in Security News - August 6, 2021

This week, learn how false advertisers use spam browser notifications to gain ad revenue. Also, read about the results from Trend Micro’s first half 2021 biannual Cyber Risk Index report...

2.6AI score
Exploits0
ThreatPost
ThreatPost
added 2021/06/22 4:24 p.m.40 views

Kids’ Apps on Google Play Rife with Privacy Violations

About 20 percent of the Top 500 kids’ mobile apps in the Google Play store are collecting data on users in a way that likely violates the Children’s Online Privacy Protection Act COPPA. These have been downloaded by a collective 492 million users, researchers said. That’s according to an analysis...

6.7AI score
Exploits0References8
Wired Threat Level
Wired Threat Level
added 2021/05/09 12:0 p.m.50 views

What’s Google FLoC? And How Does It Affect Your Privacy?

There’s a battle raging over how advertisers can target us on the web—or whether they should be able to target us at all...

2.9AI score
Exploits0
ThreatPost
ThreatPost
added 2021/03/19 2:52 p.m.33 views

CopperStealer Malware Targets Facebook and Instagram Business Accounts

A malware that until now has gone undocumented has been quietly hijacking online accounts of advertisers and users of Facebook, Apple, Amazon, Google and other web giants since July 2019 and then using them for nefarious activity, researchers have found. Dubbed CopperStealer, the malware acts...

7AI score
Exploits0References7
Wired Threat Level
Wired Threat Level
added 2021/02/03 2:0 p.m.30 views

The Chrome Update Is Bad for Advertisers, but Good for Google

The world’s most popular browser is about to make it a lot harder for advertisers to track your online activity...

4.1AI score
Exploits0
ThreatPost
ThreatPost
added 2020/08/20 7:41 p.m.71 views

IBM Settles Lawsuit Over Weather Channel App Data Privacy

IBM, the owner of the Weather Channel mobile app, has reached a settlement with the Los Angeles city attorney’s office after a 2019 lawsuit alleged that the app was deceiving its users in how it was using their geolocation data. The 2019 lawsuit claimed, the app’s permission prompt for users to...

6CVSS6.5AI score0.02606EPSS
Exploits0References10
Wired Threat Level
Wired Threat Level
added 2020/04/03 2:0 p.m.47 views

Thousands of Android Apps Are Silently Accessing Your Data

More than 4,000 Google Play apps let developers and advertisers collect a list of the user's other installed apps, no permission needed...

2.7AI score
Exploits0
Schneier on Security
Schneier on Security
added 2020/03/02 12:28 p.m.40 views

Facebook's Download-Your-Data Tool Is Incomplete

Privacy International has the details: Key facts: Despite Facebook claim, "Download Your Information" doesn't provide users with a list of all advertisers who uploaded a list with their personal data. As a user this means you can't exercise your rights under GDPR because you don't know which...

2.1AI score
Exploits0
The Hacker News
The Hacker News
added 2019/11/26 2:34 p.m.6 views

Malicious Android SDKs Caught Accessing Facebook and Twitter Users Data

Two third-party software development kits integrated by over hundreds of thousands of Android apps have been caught holding unauthorized access to users' data associated with their connected social media accounts. In a blog post published yesterday, Twitter revealed that an SDK developed by...

5.8AI score
Exploits0
ThreatPost
ThreatPost
added 2019/10/15 9:2 p.m.103 views

Unencrypted Mobile Traffic on Tor Network Leaks PII

Unencrypted, sensitive and confidential user data originating from millions of mobile devices is carried on the Tor network every day. Now researchers say they have devised away to scoop up that data and create personal profiles for specific mobile users, that include GPS coordinates, web...

7.2AI score
Exploits0References4
Rows per page
Query Builder