10 matches found
Meta’s face-recognition code raises new concerns about smart glasses
Meta’s smart glasses are once again at the center of a privacy debate due to face recognition. WIRED reports that Meta had quietly embedded unreleased face-recognition code, internally called “NameTag,” into its Meta AI companion app, which powers the company’s smart glasses. The code was not...
Apple’s Camera Indicator Lights
A thoughtful review of Apple's system to alert users that the camera is on. It's really well-designed, and important in a world where malware could surreptitiously start recording. The reason it's tempting to think that a dedicated camera indicator light is more secure than an on-display indicato...
CVE-2025-9041
A security issue exists due to improper handling of CIP Class 32’s request when a module is inhibited on the 5094-IF8 device. It causes the module to enter a fault state with the Module LED flashing red. Upon un-inhibiting, the module returns a connection fault Code 160010, and the module cannot...
CVE-2025-9041 Rockwell Automation FLEX 5000 I/O - Module Fault
A security issue exists due to improper handling of CIP Class 32’s request when a module is inhibited on the 5094-IF8 device. It causes the module to enter a fault state with the Module LED flashing red. Upon un-inhibiting, the module returns a connection fault Code 160010, and the module cannot...
SUSE-SU-2025:20341-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_4
This update for kernel-livepatch-MICRO-6-0-RTUpdate4 fixes the following issues: - CVE-2024-53237: Bluetooth: fix use-after-free in deviceforeachchild bsc1235008 - CVE-2024-56650: netfilter: xtables: fix LED ID check in ledtgcheck bsc1235431 - CVE-2024-56600: net: inet6: do not leave a dangling s...
CVE-2024-50954
The XINJE XL5E-16T and XD5E-24R-E programmable logic controllers V3.5.3b-V3.7.2a have a vulnerability in handling Modbus messages. When a TCP connection is established with the above series of controllers within a local area network LAN, sending a specific Modbus message to the controller can cau...
CVE-2021-38545
Raspberry Pi 3 B+ and 4 B devices through 2021-08-09, in certain specific use cases in which the device supplies power to audio-output equipment, allow remote attackers to recover speech signals from an LED on the device, via a telescope and an electro-optical sensor, aka a "Glowworm" attack. We...
CVE-2021-38546
CREATIVE Pebble devices through 2021-08-09 allow remote attackers to recover speech signals from an LED on the device, via a telescope and an electro-optical sensor, aka a "Glowworm" attack. The power indicator LED of the speakers is connected directly to the power line, as a result, the intensit...
MIRACASE MHUB500 USB splitters 安全漏洞
MIRACASE MHUB500 USB splitters is a software application. This tool provides powerful functionality for audio output devices, allowing a remote attacker to retrieve code signaling sensors via oscilloscope and electro-optical from LEDs of connected devices. A security vulnerability in MIRACASE...
Google Chrome Eavesdropping Exploit Published
The developer of the annyang speech recognition JavaScript library has published exploit code for a bug in Google’s Chrome browser that could allow a malicious website to eavesdrop using a computer’s microphone long after a visitor has left a website. The code disclosure is in response, said...