CVE-2022-39212 Last video frame is still sent after video is disabled in a call in Nextcloud Talk

Nextcloud Talk is an open source chat, video & audio calls client for the Nextcloud platform. In affected versions an attacker could see the last video frame of any participant who has video disabled but a camera selected. It is recommended that the Nextcloud Talk app is upgraded to 13.0.8 or...

Signal Forced Call Acceptance

Signal: Incoming call can be connected without user interaction There is a logic error in Signal that can cause an incoming call to be answered even if the callee does not pick it up. In the Android client, there is a method handleCallConnected that causes the call to finish connecting. During...

Hackers Used WhatsApp 0-Day Flaw to Secretly Install Spyware On Phones

Whatsapp has recently patched a severe vulnerability that was being exploited by attackers to remotely install surveillance malware on a few "selected" smartphones by simply calling the targeted phone numbers over Whatsapp audio call. Discovered, weaponized and then sold by the Israeli company NS...

Hackers Used WhatsApp 0-Day Flaw to Secretly Install Spyware On Phones

Whatsapp has recently patched a severe vulnerability that was being exploited by attackers to remotely install surveillance malware on a few "selected" smartphones by simply calling the targeted phone numbers over Whatsapp audio call. Discovered, weaponized and then sold by the Israeli company NS...