EUVD-2022-31257

Malicious code in bioql PyPI...

EUVD-2025-7100

Malicious code in bioql PyPI...

FERRET: Private Deep Learning Faster and Better Than DPSGD

We revisit 1-bit gradient compression through the lens of mutual-information differential privacy MI-DP. Building on signSGD, we propose FERRET--Fast and Effective Restricted Release for Ethical Training--which transmits at most one sign bit per parameter group with Bernoulli masking. Theory: We...

Candy Crush, Tinder, MyFitnessPal: See the Thousands of Apps Hijacked to Spy on Your Location

A hack of location data company Gravy Analytics has revealed which apps are—knowingly or not—being used to collect your information behind the scenes...

CVE-2024-44134

This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sequoia 15. An app may be able to read sensitive location information...

CVE-2024-40863

This issue was addressed with improved data protection. This issue is fixed in iOS 18 and iPadOS 18. An app may be able to leak sensitive user information...

Healthcare site leaks personal health information via Google and Meta tracking pixels

Advocate Aurora Health has disclosed that by visiting its websites users may have shared personal information, and possibly protected health information PHI, with Google and Meta Facebook. Advocate Aurora Health is the 11th largest not-for-profit, integrated health system in the US and provides...

CVE-2021-3155

snapd 2.54.2 and earlier created /snap directories in user home directories without specifying owner-only permissions. This could allow a local attacker to read information that should have been private. Fixed in snapd versions 2.54.3+18.04, 2.54.3+20.04 and 2.54.3+21.10.1...

Facebook Agrees to Pay $90 Million to Settle Decade-Old Privacy Violation Case

Meta Platforms has agreed to pay $90 million to settle a lawsuit over the company's use of cookies to allegedly track Facebook users' internet activity even after they had logged off from the platform. In addition, the social media company will be required to delete all of the data it illegally...

LAPD Bans Facial Recognition, Citing Privacy Concerns

The Los Angeles Police Department LAPD has banned the use of commercial facial-recognition services – citing “public trust” considerations. The move comes in the wake of a report that showed that more than 25 employees of the department had performed 475 searches so far using the Clearview AI, an...

ThreatList: Healthcare Breaches Spike in October

October experienced a 44.44 percent month-over-month increase in healthcare data breaches, resulting in 661,830 healthcare records exposed or stolen during the month. That’s according to the Health and Human Services HHS Office for Civil Rights’ monthly report reported via HIPAA Journal. The...

A Feminist Take on Information Privacy

Maria Farrell has a really interesting framing of information/device privacy: What our smartphones and relationship abusers share is that they both exert power over us in a world shaped to tip the balance in their favour, and they both work really, really hard to obscure this fact and keep us...

phpBB 1.4 - Remote SQL Query Manipulation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3142/info phpBB is free, open-source, easy-to-use web forums software. An issue exists in phpBB which allows a remote attacker to manipulate SQL queries in such a way as to gain an administrative account with the service...

Mine web group SQL Injection Vulnerability

Exploit for php platform in category web applications ========================================== Mine web group SQL Injection Vulnerability ========================================== ALLH AKBAR vist mY pr0f1l:- http://inj3ct0r.com/author/2364 Inj3ct0r.com largest Exploit Database in the world =...

Debian Security Advisory DSA 905-1 (mantis)

The remote host is missing an update to mantis announced via advisory DSA 905-1. Several security related problems have been discovered in Mantis, a web-based bug tracking system. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2005-3091 A cross-site...