Meta patents AI that could keep you posting from beyond the grave

Tech bros have been wanting to become immortal for years. Until they get there, their fallback might be continuing to post nonsense on social media from the afterlife. On December 30, 2025, Meta was granted US patent 12513102B2: Simulation of a user of a social networking system using a language...

EUVD-2023-42336

Malicious code in bioql PyPI...

EUVD-2023-43654

Malicious code in bioql PyPI...

EUVD-2023-42337

Malicious code in bioql PyPI...

EUVD-2023-26627

Malicious code in bioql PyPI...

CVE-2023-38537

A race condition in a network transport subsystem led to a heap use-after-free issue in established or unsilenced incoming audio/video calls that could have resulted in app termination or unexpected control flow with very low probability...

CVE-2023-38537

A race condition in a network transport subsystem led to a heap use-after-free issue in established or unsilenced incoming audio/video calls that could have resulted in app termination or unexpected control flow with very low probability...

CVE-2023-38538

A race condition in an event subsystem led to a heap use-after-free issue in established audio/video calls that could have resulted in app termination or unexpected control flow with very low probability...

WhatsApp Competitive Conditions Issue Vulnerability

WhatsApp is a suite of mobile applications from the American company WhatsApp that use the Internet to send text messages. The application uses contact information in a smartphone to find contacts using the software to send text, images, etc. A security vulnerability exists in WhatsApp that stems...

CVE-2023-22473

CVE-2023-22473 affects the Nextcloud Talk Android app. The vulnerability is a passcode bypass that allows access to a user’s Nextcloud files and conversations when an attacker has physical access to the target device. The root cause is exposed by the described bypass in Talk Android, enabling exp...

CVE-2022-39212 Last video frame is still sent after video is disabled in a call in Nextcloud Talk

Nextcloud Talk is an open source chat, video & audio calls client for the Nextcloud platform. In affected versions an attacker could see the last video frame of any participant who has video disabled but a camera selected. It is recommended that the Nextcloud Talk app is upgraded to 13.0.8 or...

CVE-2022-39212

Nextcloud Talk vulnerability CVE-2022-39212: in affected versions, the last video frame of a participant can be disclosed when the camera is selected but the video is disabled. This is a client-side issue in Nextcloud Talk (chat/video calls) that allows viewing the last frame of other participant...

Facebook Adds End-to-End Encryption for Audio and Video Calls in Messenger

Facebook on Friday said it's extending end-to-end encryption E2EE for voice and video calls in Messenger, along with testing a new opt-in setting that will turn on end-to-end encryption for Instagram DMs. "The content of your messages and calls in an end-to-end encrypted conversation is protected...

Beyond Clubhouse: Vulnerable Agora SDKs Still in Widespread Use | McAfee Blogs

Beyond Clubhouse: Vulnerable Agora SDKs Still in Widespread Use Steve Povolny · FEB 18, 2021 On February 17th, 2021, McAfee disclosed findings based on a 10-month long disclosure process with major video conferencing vendor Agora, Inc. As we disclosed the findings to Agora in April 2020, this...

Beyond Clubhouse: Vulnerable Agora SDKs Still in Widespread Use | McAfee Blogs

Beyond Clubhouse: Vulnerable Agora SDKs Still in Widespread Use Steve Povolny · FEB 18, 2021 On February 17th, 2021, McAfee disclosed findings based on a 10-month long disclosure process with major video conferencing vendor Agora, Inc. As we disclosed the findings to Agora in April 2020, this...

Mozilla to Provide WebRTC-based Free Firefox To Firefox Voice and Video Calling feature

Mozilla is planning to provide a new feature that will allow free audio and video calls between its Firefox web browser, thereby ending the need of any third-party client service or plugin. Mozilla will soon release a new experimental version of Firefox Nightly, which will include an open source...

CVE-2013-6835

TelephonyUI Framework in Apple iOS 7 before 7.1, when Safari is used, does not require user confirmation for FaceTime audio calls, which allows remote attackers to obtain telephone number or e-mail address information via a facetime-audio: URL...

CVE-2011-1000

jingle-factory.c in Telepathy Gabble 0.11 before 0.11.7, 0.10 before 0.10.5, and 0.8 before 0.8.15 allows remote attackers to sniff audio and video calls via a crafted google:jingleinfo stanza that specifies an alternate server for streamed media...

Design/Logic Flaw

jingle-factory.c in Telepathy Gabble 0.11 before 0.11.7, 0.10 before 0.10.5, and 0.8 before 0.8.15 allows remote attackers to sniff audio and video calls via a crafted google:jingleinfo stanza that specifies an alternate server for streamed media...

CVE-2011-1000

CVE-2011-1000 affects Telepathy Gabble (telepathy-gabble) releases prior to the fixed ones: 0.11.x before 0.11.7, 0.10.x before 0.10.5, and 0.8.x before 0.8.15. The vulnerability arises from a crafted google:jingleinfo stanza that can cause a remote attacker to sniff audio/video streams by direct...