EUVD-2023-58938

Malicious code in bioql PyPI...

Meta ignored child sex abuse in VR, say whistleblowers

Two former employees at Meta testified against the company at a Senate hearing this week, accusing it of downplaying the dangers of child abuse in its virtual reality VR environment. The whistleblowers say they saw incidents where children were asked for sex acts and nude photos in Facebook's VR...

23andMe raked by Congress on privacy, sale of genetic data

In a Senate hearing adequately titled “23 and You: The Privacy and National Security Implications of the 23andMe Bankruptcy,” 23andMe executives addressed concerns about the privacy implications of the company’s sale and the handling of associated genetic data. For those who missed the latest...

Hearing on the Federal Government and AI

On Thursday I testified before the House Committee on Oversight and Government Reform at a hearing titled "The Federal Government in the Age of Artificial Intelligence." The other speakers mostly talked about how cool AI was--and sometimes about how cool their own company was--but I was asked by...

These Guys Hacked AirPods to Give Their Grandmas Hearing Aids

Three technologists in India used a homemade Faraday cage and a microwave oven to get around Apple’s location blocks...

Surprise! The Latest ‘Comprehensive’ US Privacy Bill Is Doomed

Gutted of civil rights protections by Democrats to woo pro-business Republicans, the American Privacy Rights Act was pulled from a key congressional hearing—and appears unlikely to receive a full vote...

CVE-2023-6724

Authorization Bypass Through User-Controlled Key vulnerability in Software Engineering Consultancy Machine Equipment Limited Company Hearing Tracking System allows Authentication Abuse. This issue affects Hearing Tracking System: before for IOS 7.0, for Android Latest release 1.0...

CVE-2023-6724

Authorization Bypass Through User-Controlled Key vulnerability in Software Engineering Consultancy Machine Equipment Limited Company Hearing Tracking System allows Authentication Abuse.This issue affects Hearing Tracking System: before for IOS 7.0, for Android Latest release 1.0...

Authorization

Authorization Bypass Through User-Controlled Key vulnerability in Software Engineering Consultancy Machine Equipment Limited Company Hearing Tracking System allows Authentication Abuse.This issue affects Hearing Tracking System: before for IOS 7.0, for Android Latest release 1.0...

CVE-2023-6724 IDOR in Simgesel Software's Hearing Tracking System (Barosel)

Authorization Bypass Through User-Controlled Key vulnerability in Software Engineering Consultancy Machine Equipment Limited Company Hearing Tracking System allows Authentication Abuse. This issue affects Hearing Tracking System: before for IOS 7.0, for Android Latest release 1.0...

CVE-2023-6724 IDOR in Simgesel Software's Hearing Tracking System (Barosel)

Authorization Bypass Through User-Controlled Key vulnerability in Software Engineering Consultancy Machine Equipment Limited Company Hearing Tracking System allows Authentication Abuse. This issue affects Hearing Tracking System: before for IOS 7.0, for Android Latest release 1.0...

CVE-2023-6724

CVE-2023-6724 describes an Authorization Bypass Through User-Controlled Key in the Hearing Tracking System used by Simgesel/Software Engineering Consultancy Machine Equipment Limited Company. The underlying issue is an authorization bypass (IDOR-like) that enables authentication abuse. Documented...

Hearing Tracking System Security Vulnerability

Simgesel Hearing Tracking System is a hearing tracking system from the Turkish company Simgesel. A security vulnerability exists in Hearing Tracking System that originated from allowing authorization bypass...

CVE-2023-33248

Amazon Alexa software version 8960323972 on Echo Dot 2nd generation and 3rd generation devices potentially allows attackers to deliver security-relevant commands via an audio signal between 16 and 22 kHz often outside the range of human adult hearing. Commands at these frequencies are essentially...

The TikTok Hearing Revealed That Congress Is the Problem

The interrogation of CEO Shou Zi Chew highlighted US lawmakers’ own failure to pass privacy legislation...

Why 8kun Went Offline During the January 6 Hearings

The latest Jan. 6 committee hearing on Tuesday examined the role of conspiracy theory communities like 8kun.top and TheDonald.win in helping to organize and galvanize supporters who responded to former President Trumps invitation to "be wild" in Washington, D.C. on that chaotic day. At the same...

The Senate Is Mad as Hell at Facebook—Again

The latest hearing on Instagram and teen mental health was the depressing work of a legislature that can’t legislate...

Porn Clip Disrupts Virtual Court Hearing for Alleged Twitter Hacker

Perhaps fittingly, a Web-streamed court hearing for the 17-year-old alleged mastermind of the July 15 mass hack against Twitter was cut short this morning after mischief makers injected a pornographic video clip into the proceeding. 17-year-old Graham Clark of Tampa, Fla. was among those charged ...

Twitter Hacker Arrested

A 17-year-old Florida boy was arrested and charged with last week's Twitter hack. News articles. Boing Boing post. Florida state attorney press release. This is a developing story. Post any additional news in the comments. EDITED TO ADD 8/1: Two others have been charged as well. EDITED TO ADD 8/1...

audibelhearingnewroads.com Improper Access Control vulnerability OBB-1216284

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...