EUVD-2022-46968

Malicious code in bioql PyPI...

EUVD-2021-3142

Malicious code in bioql PyPI...

Gambling firms are secretly sharing your data with Facebook

While you might think you’re hitting the jackpot, whether you’ve consented to it or not, online gambling sites are playing with your data. Users’ data, including details of webpages they visited and buttons they clicked, are being shared with Meta, Facebook’s parent company. The Observer reports...

CVE-2025-23111

CVE-2025-23111 affects REDCap 14.9.6. The vulnerability arises from HTML injection via the Survey field name, enabling a phishing redirect when a survey recipient clicks the manipulated field name. The exposed risk is user-confusion leading to actions without consent, with the impact described as...

CVE-2022-20214

In Car Settings app, the toggle button in Modify system settings is vulnerable to tapjacking attack. Attackers can overlay the toggle button to enable apps to modify system settings without user consent.Product: AndroidVersions: Android-10 Android-11 Android-12Android ID: A-183411210...

PUB-A-183610267

In onCreate of UsbPermissionActivity.java, there is a possible way to grant an app access to USB without informed user consent due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation...

Facebook to Pay $5 Billion Fine to Settle FTC Privacy Investigation

After months of negotiations, the United States Federal Trade Commission FTC has approved a record $5 billion settlement with Facebook over its privacy investigation into the Cambridge Analytica scandal. The settlement will put an end to a wide-ranging probe that began more than a year ago and...