57 matches found
CVE-2026-48692
A flaw was found in FastNetMon Community Edition. The gRPC API server, exposed on port 50052, operates without any authentication mechanism. A remote attacker with local network access can exploit this vulnerability to ban arbitrary IP addresses, resulting in a denial of service for legitimate...
CVE-2026-48692
FastNetMon Community Edition through 1.2.9 exposes a gRPC API server on port 50052 with no authentication mechanism. The server is initialized with grpc::InsecureServerCredentials (src/fastnetmon.cpp, line 477), and a source code comment explicitly acknowledges 'Listen on the given address without an...
Blocking children from social media is a badly executed good idea
While we can probably all agree that there is more than enough proof that social media is bad for the mental health of our children, the methods by which we are trying to block or ban them seem to do more harm than good. Across the world, lawmakers are tripping over each other to be seen “doing something”...
CVE-2026-34362 AVideo's WebSocket Token Never Expires Due to Commented-Out Timeout Validation in verifyTokenSocket()
WWBN AVideo is an open source video platform. In versions up to and including 26.0, the verifyTokenSocket function in plugin/YPTSocket/functions.php has its token timeout validation commented out, causing WebSocket tokens to never expire despite being generated with a 12-hour timeout. This allows...
Calibre access control error vulnerability
Calibre is an open-source, free tool developed by Kovid Goyal, an individual developer from India. It serves as a comprehensive e-book reading management and format conversion tool. Versions of Calibre prior to 9.4.0 contained an access control error vulnerability. This vulnerability stemmed from a...
Regulators around the world are scrutinizing Grok over sexual deepfakes
Grok’s failure to block sexualized images of minors has turned a single “isolated lapse” into a global regulatory stress test for xAI’s ambitions. The response from lawmakers and regulators suggests this will not be solved with a quick apology and a hotfix. Last week we reported on Grok's apology...
EUVD-2022-45067
Malicious code in bioql PyPI...
U.S. House Bans WhatsApp on Official Devices Over Security and Data Protection Issues
The U.S. House of Representatives has formally banned congressional staff members from using WhatsApp on government-issued devices, citing security concerns. The development was first reported by Axios. The decision, according to the House Chief Administrative Officer (CAO), was motivated by worrie...
CVE-2022-41961
BigBlueButton is an open source web conferencing system. Versions prior to 2.4-rc-6 are subject to Ineffective user bans. The attacker could register multiple users, and join the meeting with one of them. When that user is banned, they could still join the meeting with the remaining registered...
Malicious code in client-req-bans (npm)
Source: ghsa-malware (e7b540646327a4a8326c496059737e3bb81af664a3c51951c1a4caeb0e265496). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
SourceBans++ security vulnerability
SourceBans++ is a global administration, banning and communication management system for the Source engine by the SourceBans++ Dev team. A security vulnerability exists in SourceBans++ versions prior to v.1.8.0. A remote attacker can exploit this vulnerability to obtain sensitive information via ...
MAL-2024-10278 Malicious code in req-bans (npm)
Source: ghsa-malware (891a9d8d6df58ad3743a6ec2db7217d78ec1fe0a3d8bb938181ec4ac26ee5489). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in req-bans (npm)
Source: ghsa-malware (891a9d8d6df58ad3743a6ec2db7217d78ec1fe0a3d8bb938181ec4ac26ee5489). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
The Problem the US TikTok Crackdown and Kaspersky Ban Have in Common
While Kaspersky and TikTok make very different kinds of software, the US has targeted both over national security concerns. But the looming bans have larger implications for internet freedom...
Telegram’s Bans on Extremist Channels Aren't Really Bans
A WIRED analysis of more than 100 restricted channels shows these communities remain active, and content shared within them often spreads to channels accessible to the public...
Russia Bans WhatsApp, Discord, Telegram, and Others
By Deeba Ahmed. Interestingly, Telegram is also part of this ban, although it is owned by Russian millionaire Pavel Durov. This is a post from HackRead.com.
TikTok probed over child privacy practices
The privacy protection authorities for Canada, Quebec, British Columbia, and Alberta have announced they will start an investigation into TikTok's privacy practices, especially in relation to its younger users. The investigation will include whether the company obtained valid and meaningful conse...
Code injection
BigBlueButton is an open source web conferencing system. Versions prior to 2.4-rc-6 are subject to Ineffective user bans. The attacker could register multiple users, and join the meeting with one of them. When that user is banned, they could still join the meeting with the remaining registered...