EUVD-2022-4956

Malicious code in bioql PyPI...

CVE-2022-24901

Improper validation of the Apple certificate URL in the Apple Game Center authentication adapter allows attackers to bypass authentication, making the server vulnerable to DoS attacks. The vulnerability has been fixed by improving the URL validation and adding additional checks of the resource th...

Authentication Bypass

parse-server is vulnerable to authentication bypass. An attacker is able to bypass the authentication because of lack of proper validation and checks for Apple certificate URL in the Apple Game Center authentication adapter, leading to application crash...

parse-community parse-server 信任管理问题漏洞

parse-server is an open source Backend-as-a-Service BaaS framework that is primarily used for application backend processing. A security vulnerability exists in parse-community parse-server that stems from an authentication adapter that does not properly validate the Apple certificate URL. An...

Mac Adware 'OSX.Pirrit' Unleashes Ad Overload, For Now

Researchers discovered a Mac OS X variant of the Windows-based Pirrit adware that creates a proxy server on infected Mac computers and injects ads into webpages. According to researchers at Boston-based Cybereason Labs, the adware, dubbed OSX.Pirrit, is mostly benign, serving up just ads, but has...

KeRanger OS X Ransomware Impact Likely Mitigated

It’s likely that the first functional ransomware for OS X is a dud. Discovered on Friday by researchers at Palo Alto Networks, the KeRanger ransomware sits dormant for three days before encrypting files from a comprehensive list of 300 file extensions; today would be Day 3. The malware was includ...