CVE-2026-35061

Anviz CX7 Firmware is vulnerable to the most recently captured test photo that can be retrieved without authentication, revealing sensitive operational imagery...

EUVD-2026-23488

Anviz CX7 Firmware is vulnerable to the most recently captured test photo that can be retrieved without authentication, revealing sensitive operational imagery...

CVE-2026-35061

Anviz CX7 Firmware is vulnerable to the most recently captured test photo that can be retrieved without authentication, revealing sensitive operational imagery...

CVE-2026-35061 Anviz Products Missing Authorization

Anviz CX7 Firmware is vulnerable to the most recently captured test photo that can be retrieved without authentication, revealing sensitive operational imagery...

CVE-2026-35061 Anviz Products Missing Authorization

Anviz CX7 Firmware is vulnerable to the most recently captured test photo that can be retrieved without authentication, revealing sensitive operational imagery...

CVE-2026-35061

CVE-2026-35061 affects Anviz CX7 Firmware. The vulnerability allows retrieval of the most recently captured test photo without authentication, exposing sensitive operational imagery. The associated CVSS 3.1 metrics indicate an external network access vector with low attack complexity and no privi...

CVE-2026-35061

Anviz CX7 Firmware is vulnerable to the most recently captured test photo that can be retrieved without authentication, revealing sensitive operational imagery...

PT-2026-33492

CVE-2026-35061 Anviz CX7 Firmware is vulnerable to the most recently captured test photo that can be retrieved without authentication, revealing sensitive operational imagery. https://t.co/DJ9ESa1MPU...

Grok Is Generating Sexual Content Far More Graphic Than What's on X

A WIRED review of outputs hosted on Grok’s official website shows it’s being used to create violent sexual images and videos, as well as content that includes apparent minors...

Deepfake Geography: Detecting AI-Generated Satellite Images

The rapid advancement of generative models such as StyleGAN2 and Stable Diffusion poses a growing threat to the authenticity of satellite imagery, which is increasingly vital for reliable analysis and decision-making across scientific and security domains. While deepfake detection has been...

[SECURITY] Fedora 41 Update: openjpeg-2.5.3-8.fc41

The OpenJPEG library is an open-source JPEG 2000 library developed in order to promote the use of JPEG 2000. This package contains JPEG 2000 codec compliant with the Part 1 of the standard Class-1 Profile-1 compliance. JP2 JPEG 2000 standard Part 2 - Handling of JP2 boxes and extended multiple...

[SECURITY] Fedora 42 Update: openjpeg-2.5.3-8.fc42

The OpenJPEG library is an open-source JPEG 2000 library developed in order to promote the use of JPEG 2000. This package contains JPEG 2000 codec compliant with the Part 1 of the standard Class-1 Profile-1 compliance. JP2 JPEG 2000 standard Part 2 - Handling of JP2 boxes and extended multiple...

BadReward: Clean-Label Poisoning of Reward Models in Text-To-Image RLHF

Reinforcement Learning from Human Feedback RLHF is crucial for aligning text-to-image T2I models with human preferences. However, RLHF's feedback mechanism also opens new pathways for adversaries. This paper demonstrates the feasibility of hijacking T2I models by poisoning a small fraction of...

[SECURITY] Fedora 40 Update: openjpeg2-2.5.3-1.fc40

The OpenJPEG library is an open-source JPEG 2000 library developed in order to promote the use of JPEG 2000. This package contains JPEG 2000 codec compliant with the Part 1 of the standard Class-1 Profile-1 compliance. JP2 JPEG 2000 standard Part 2 - Handling of JP2 boxes and extended multiple...

[SECURITY] Fedora 36 Update: osgearth-3.2-7.fc36

osgEarth is a C++ terrain rendering SDK. Just create a simple XML file, point it at your imagery, elevation, and vector data, load it into your favorite OpenSceneGraph application, and go! osgEarth supports all kinds of data and comes with lots of examples to help you get up and running quickly a...

When a deepfake “empire” continues to grow

I’ve been quite vocal on the impact of deepfakes, in terms of where the most harm takes place. Back in 2019, we looked at malign interference campaigns. I took the line that, other than revenge porn, this was where deepfakes were likely to have the most influence. Although people keep talking abo...

This Week in Security News – October 15, 2021

Actors target Huawei Cloud using upgraded Linux malware, 7-Eleven breached customer privacy by collecting facial imagery without consent and more...

This Week in Security News – October 15, 2021

Actors target Huawei Cloud using upgraded Linux malware, 7-Eleven breached customer privacy by collecting facial imagery without consent and more...

Iran-linked DEV-0343 targeting defense, GIS, and maritime sectors

DEV-0343 is a new activity cluster that the Microsoft Threat Intelligence Center MSTIC first observed and began tracking in late July 2021. MSTIC has observed DEV-0343 conducting extensive password spraying against more than 250 Office 365 tenants, with a focus on US and Israeli defense technolog...

A week in security (Sept 6 – Sept 12)

Last week on Malwarebytes Labs Apple delays plans to search devices for child abuse imagery. ProtonMail hands user’s IP address and device info to police, showing the limits of private email. Patch now! Netgear fixes serious smart switch vulnerabilities. Tor vs VPN—What is the difference? Windows...