Lucene search
K

15 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/06/26 8:23 p.m.4 views

Security Bulletin: Cross-Tenant API Key Reuse and Billing Fraud in Langflow Voice Mode Subsystem

Summary The voice mode subsystem src/backend/base/langflow/api/v1/voicemode.py contains two critical vulnerabilities that enable cross-tenant API key reuse and billing fraud. The first vulnerability involves a process-global ElevenLabs client singleton that caches the first user's API key and...

9.6CVSS5.8AI score0.00201EPSS
Exploits0Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/21 1:26 p.m.4 views

CVE-2026-56239

Capgo before 12.128.2 contains a potential privilege escalation vulnerability in the public.applyusageoverage SECURITY DEFINER function, which performs sensitive billing operations without enforcing internal authorization checks no validation of auth.uid, org membership, or checkminrights. Becaus...

7.6CVSS6AI score0.00199EPSS
Exploits0References3
Microsoft Malware Protection
Microsoft Malware Protection
added 2022/06/30 2:0 p.m.20 views

Toll fraud malware: How an Android application can drain your wallet

Toll fraud malware, a subcategory of billing fraud in which malicious applications subscribe users to premium services without their knowledge or consent, is one of the most prevalent types of Android malware – and it continues to evolve. Compared to other subcategories of billing fraud, which...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2022/05/09 10:38 a.m.28 views

Another Set of Joker Trojan-Laced Android Apps Resurfaces on Google Play Store

A new set of trojanized apps spread via the Google Play Store has been observed distributing the notorious Joker malware on compromised Android devices. Joker, a repeat offender, refers to a class of harmful apps that are used for billing and SMS fraud, while also performing a number of actions o...

Exploits0
Securelist
Securelist
added 2022/05/06 10:0 a.m.37 views

Mobile subscription Trojans and their little tricks

Billing fraud is one of the most common sources of income for cybercriminals. There are currently a number of known mobile Trojans specializing in secretly subscribing users to paid services. They usually pay for legitimate services in a users name and scammers take a cut from the money billed...

0.4AI score
Exploits0
ThreatPost
ThreatPost
added 2021/12/17 7:23 p.m.23 views

Malicious Joker App Scores Half-Million Downloads on Google Play

The Joker malware is back again on Google Play, this time spotted in a mobile application called Color Message. The app was downloaded more than 500,000 times before its removal from the store. Users should immediately delete Color Message from their devices to avoid being defrauded, researchers ...

7.2AI score
Exploits0References8
ThreatPost
ThreatPost
added 2021/09/29 6:8 p.m.78 views

GriftHorse Money-Stealing Trojan Takes 10M Android Users for a Ride

More than 10 million Android users have been saddled with a malware called GriftHorse that’s trojanizing various applications and secretly subscribing victims to premium mobile services – a type of billing fraud that researchers categorize as “fleeceware.” Zimperium uncovered more than 130...

6.8AI score
Exploits0References3
ThreatPost
ThreatPost
added 2021/06/01 1:0 p.m.47 views

How Mobile Ad Fraud has Evolved in the Year of the Pandemic

The past 18 months have arguably been the most turbulent on record for the mobile industry. The majority of the world spent significant portions of 2020 under some kind of lockdown, with pressure mounting on mobile operators to keep us connected to the outside world, and with each other. This...

7.3AI score
Exploits0References4
The Hacker News
The Hacker News
added 2021/04/20 4:18 p.m.39 views

Over 750,000 Users Downloaded New Billing Fraud Apps From Google Play Store

Researchers have uncovered a new set of fraudulent Android apps in the Google Play store that were found to hijack SMS message notifications for carrying out billing fraud. The apps in question primarily targeted users in Southwest Asia and the Arabian Peninsula, attracting a total of 700,000...

7.2AI score
Exploits0
ThreatPost
ThreatPost
added 2020/09/28 3:21 p.m.75 views

Joker Trojans Flood the Android Ecosystem

More variants of the Joker Android malware are cropping up in Google Play as well as third-party app stores, in a trend that researchers say points to a relentless targeting of the Android mobile platform. Researchers at Zscaler have found 17 different samples of Joker being regularly uploaded to...

0.2AI score
Exploits0References5
ThreatPost
ThreatPost
added 2020/09/02 4:24 p.m.16 views

Joker Spyware Plagues More Google Play Apps

Google has deleted six apps from its Google Play marketplace that were infecting users with the Joker malware a.k.a. Bread. Together, the apps – which tout functionalities ranging from text messaging to emoji wallpaper – account for nearly 200,000 installs, researchers with Pradeo said in a post...

7.5AI score
Exploits0References13
The Hacker News
The Hacker News
added 2020/07/09 10:1 a.m.87 views

Joker Malware Apps Once Again Bypass Google's Security to Spread via Play Store

Cybersecurity researchers took the wraps off yet another instance of Android malware hidden under the guise of legitimate applications to stealthily subscribe unsuspecting users for premium services without their knowledge. In a report published by Check Point research today, the malware —...

0.2AI score
Exploits0
The Hacker News
The Hacker News
added 2020/07/09 10:1 a.m.7 views

Joker Malware Apps Once Again Bypass Google's Security to Spread via Play Store

Cybersecurity researchers took the wraps off yet another instance of Android malware hidden under the guise of legitimate applications to stealthily subscribe unsuspecting users for premium services without their knowledge. In a report published by Check Point research today, the malware —...

5.9AI score
Exploits0
ThreatPost
ThreatPost
added 2020/01/13 9:4 p.m.72 views

Joker Android Malware Snowballs on Google Play

Google has removed 17,000 Android apps to date from the Play store that have been conduits for the Joker malware a.k.a. Bread – and in an analysis of the code, said that Joker’s operators have “at some point used just about every cloaking and obfuscation technique under the sun in an attempt to g...

7.4AI score
Exploits0References5
The Hacker News
The Hacker News
added 2014/10/16 10:8 p.m.14 views

Hacking Smart Electricity Meters To Cut Power Bills

Smart devices are growing at an exponential pace with the increase in connecting devices embedded in cars, retail systems, refrigerators, televisions and countless other things people use in their everyday life, but security and privacy are the key issues for such applications, which still face...

7.4AI score
Exploits0
Rows per page
Query Builder