396 matches found
Samsung TVs stop spying on viewers in Texas. Here’s how to disable ACR anywhere
Samsung has settled a lawsuit with the Texas Attorney General over how its smart TVs collect and monetize viewing data using Automated Content Recognition ACR. As part of the settlement, Samsung agreed to stop collecting ACR data from Texans without explicit, informed consent and to rewrite its...
A $10K Bounty Awaits Anyone Who Can Hack Ring Cameras to Stop Sharing Data With Amazon
The Fulu Foundation, a nonprofit that pays out bounties for removing user-hostile features, is hunting for a way to keep Ring cameras from sending data to Amazon—without breaking the hardware...
A week in security (February 2 – February 8)
Last week on Malwarebytes Labs: Apple Pay phish uses fake support calls to steal payment details Open the wrong "PDF" and attackers gain remote access to your PC Flock cameras shared license plate data without permission Grok continues producing sexualized images after promised fixes Firefox is...
Flock cameras shared license plate data without permission
Mountain View, California, pulled the plug on its entire license plate reader camera network this week. It discovered that Flock Safety, which ran the system, had been sharing city data with hundreds of law enforcement agencies, including federal ones, without permission. Flock Safety runs an...
Are we ready for ChatGPT Health?
How comfortable are you with sharing your medical history with an AI? I’m certainly not. OpenAI’s announcement about its new ChatGPT Health program prompted discussions about data privacy and how the company plans to keep the information users submit safe. ChatGPT Health is a dedicated “health...
Doxers Posing as Cops Are Tricking Big Tech Firms Into Sharing People’s Private Data
A spoofed email address and an easily faked document is all it takes for major tech companies to hand over your most personal information...
Air fryer app caught asking for voice data (re-air) (Lock and Code S06E24)
This week on the Lock and Code podcast … It's often said online that if a product is free, you're the product, but what if that bargain was no longer true? What if, depending on the device you paid hard-earned money for, you still became a product yourself, to be measured, anonymized, collated,...
Sling TV turned privacy into a game you weren’t meant to win
Streaming service Sling TV has settled with the California Attorney General over allegations that it blocked users from exercising their privacy rights. The company will pay $530,000 after being accused of making it difficult for customers to opt out of its data collection practices. The Californ...
Covert Surveillance in Smart Devices: A SCOUR Framework Analysis of Youth Privacy Implications
This paper investigates how smart devices covertly capture private conversations and discusses in more in-depth the implications of this for youth privacy. Using a structured review guided by the PRISMA methodology, the analysis focuses on privacy concerns, data capture methods, data storage and...
EUVD-2025-34931
The Restaurant Brands International RBI assistant platform through 2025-09-06 has a Global Store Directory that shares personal information among authenticated users...
CVE-2025-59200
Concurrent execution using shared resource with improper synchronization 'race condition' in Data Sharing Service Client allows an unauthorized attacker to perform spoofing locally...
EUVD-2025-34393
Concurrent execution using shared resource with improper synchronization 'race condition' in Data Sharing Service Client allows an unauthorized attacker to perform spoofing locally...
CVE-2025-59200
Concurrent execution using shared resource with improper synchronization 'race condition' in Data Sharing Service Client allows an unauthorized attacker to perform spoofing locally...
CVE-2025-59200
Concurrent execution using shared resource with improper synchronization 'race condition' in Data Sharing Service Client allows an unauthorized attacker to perform spoofing locally...
CVE-2025-59200 Data Sharing Service Spoofing Vulnerability
...
CVE-2025-59200
CVE-2025-59200 describes a race-condition vulnerability in the Data Sharing Service Client where concurrent access to a shared resource allows an unauthorized local attacker to spoof locally. The CVE entry states a base CVSS v3.1 score of 7.7 ( HIGH ), with LOCAL attack vector, LOW confidentialit...
CVE-2025-59200 Data Sharing Service Spoofing Vulnerability
...
Data Sharing Service Spoofing Vulnerability
Concurrent execution using shared resource with improper synchronization 'race condition' in Data Sharing Service Client allows an unauthorized attacker to perform spoofing locally...
Microsoft Data Sharing Service 竞争条件问题漏洞
Microsoft Data Sharing Service is a built-in data sharing service component of the Windows operating system from Microsoft Corporation USA. A competitive condition vulnerability exists in Microsoft Data Sharing Service, which can be exploited by an attacker to perform spoofing attacks...
PT-2025-42092
Name of the Vulnerable Software and Affected Versions Data Sharing Service Client affected versions not specified Description A race condition exists due to concurrent execution using a shared resource with improper synchronization. This allows a local attacker to perform spoofing. Approximately...