CVE-2021-43412

An issue was discovered in GNU Hurd before 0.9 20210404-9. libports accepts fake notification messages from any client on any port, which can lead to port use-after-free. This can be exploited for local privilege escalation to get full root access...

Spoofing Attacks

firefox is vulnerable to Spoofing Attacks. The vulnerability occurs when a website uses the window.open function to open a new window. If the new window is opened in full-screen mode, the malicious website can use the document.querySelector function to find the full-screen notification and then...

Spyware Labeled 'TikTok Pro' Exploits Fears of U.S. Ban

Researchers have discovered a new Android spyware campaign pushing a “Pro” version of the TikTok app that is exploiting fears among its young and gullible users that the popular social media app is on the cusp of being banned in the United States. The malware can take over basic device...

New AWS phishing scam steals credentials via fake AWS notification

By Waqas The latest AWS phishing scam puts millions of customers at risk. This is a post from HackRead.com Read the original post: New AWS phishing scam steals credentials via fake AWS notification...

Semrush: Code injection in https://www.semrush.com

INTRODUCES: -With a direct error on the homepage, it is easy to trick the victim into accessing a fake page from the attacker STEP: Step: Send url with payload to victim:...

Threat Outbreak Alert: Fake Terminal Agent Key Reset Notification Email Messages on January 14, 2014

Medium Alert ID: 32473 First Published: 2014 January 16 20:30 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a terminal agent key reset notification for the recipient. The text in the email message attempts to convince...