6 matches found
CVE-2025-58584 Plain Text Transmission of Username and Password in the URL
In the HTTP request, the username and password are transferred directly in the URL as parameters. However, URLs can be stored in various systems such as server logs, browser histories or proxy servers. As a result, there is a high risk that this sensitive data will be disclosed unintentionally...
YoroTrooper Stealing Credentials and Information from Government and Energy Organizations
A previously undocumented threat actor dubbed YoroTrooper has been targeting government, energy, and international organizations across Europe as part of a cyber espionage campaign that has been active since at least June 2022. "Information stolen from successful compromises include credentials...
Researchers Uncover Android Spying Campaign Targeting Pakistan Officials
Two new Android surveillanceware families have been found to target military, nuclear, and election entities in Pakistan and Kashmir as part of a pro-India, state-sponsored hacking campaign. Dubbed Hornbill and Sunbird, the malware impersonates legitimate or seemingly innocuous services to cover...
How to Cover Your Tracks Every Time You Go Online
Online tracking can often feel downright invasive. From using VPNs to clearing browser histories, we've got your back...
Top MacOS App Exfiltrates Browser Histories Behind Users’ Backs
A top-grossing Apple App Store program called Adware Doctor is capable of sidestepping macOS security controls and surreptitiously copying a user’s entire browser history. It then sends it to a China-based domain. According to Patrick Wardle, chief research officer at Digita Security and founder ...
Study: 76% of Web Users Open to History Detection
Two developers have refined techniques for rummaging through browser histories to the extent that web sites can now find out what articles a user has recently read on news sites, their exact postcode and which search terms that have entered into search engines. Read the full article. The H Securi...