47 matches found
‘We Were Not Ready for This’: Lebanon's Emergency System Is Hanging by a Thread
In Lebanon, nearly 1 in 5 people has been displaced by Israeli attacks, leaving the government to manage a modern crisis without modern digital infrastructure...
EUVD-2025-25283
Malicious code in bioql PyPI...
CVE-2025-50503
A vulnerability in the password reset workflow of the Touch Lebanon Mobile App 2.20.2 allows an attacker to bypass the OTP reset password mechanism. By manipulating the reset process, an unauthorized user may be able to reset the password and gain access to the account without needing to provide ...
CVE-2025-50503
A vulnerability in the password reset workflow of the Touch Lebanon Mobile App 2.20.2 allows an attacker to bypass the OTP reset password mechanism. By manipulating the reset process, an unauthorized user may be able to reset the password and gain access to the account without needing to provide ...
Touch Lebanon Mobile App 安全漏洞
Touch Lebanon Mobile App is a free application from Touch Lebanon. A security vulnerability exists in Touch Lebanon Mobile App version 2.20.2, which stems from a flaw in the password reset process that could lead to a bypass of the OTP mechanism...
CVE-2025-50503
A vulnerability in the password reset workflow of the Touch Lebanon Mobile App 2.20.2 allows an attacker to bypass the OTP reset password mechanism. By manipulating the reset process, an unauthorized user may be able to reset the password and gain access to the account without needing to provide ...
CVE-2025-50503
The CVE-2025-50503 entry concerns Touch Lebanon Mobile App 2.20.2, where a flaw in the password reset workflow enables bypassing the OTP mechanism, potentially allowing an unauthorized user to reset a password and access an account without a legitimate authentication factor. The incident is descr...
PT-2025-34054 · Unknown · Touch Lebanon Mobile App
Name of the Vulnerable Software and Affected Versions: Touch Lebanon Mobile App version 2.20.2 Description: A flaw exists in the password reset workflow that allows an attacker to bypass the one-time password OTP reset password mechanism. By manipulating the reset process, an unauthorized user ma...
The Everyday Security of Living with Conflict
When cyber' is used as a prefix, attention is typically drawn to the technological and spectacular aspects of war and conflict -- and, by extension, security. We offer a different approach to engaging with and understanding security in such contexts, by foregrounding the everyday -- mundane --...
The Impact of Supply Chain Attacks on the Global Landscape
Background From the Silk Road’s ancient trade routes to today’s global networks, supply chains have shaped empires, fueled revolutions, and driven economies. Now, in an age of digital transformation, they’ve evolved from logistical backbones into dynamic, tech-driven ecosystems. Powered by digita...
Amid Air Strikes and Rockets, an SMS From the Enemy
As Israel intensifies its attacks on Lebanon, eerie messages have been arriving on the phones of civilians on both sides of the border, with authorities in each country accusing the other of psychological warfare...
Walkie-Talkies Explode in New Attack on Hezbollah
In a second attack on Hezbollah members, two-way radios detonated around Lebanon on Wednesday, causing injuries and multiple deaths...
lebanon.pa.networkofcare.org Cross Site Scripting vulnerability OBB-3895640
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Beirut Airport Screens Hacked with Anti-Hezbollah Message
By Deeba Ahmed The most recent cyber attack occurs against the backdrop of escalating tensions between Lebanon and Israel. This is a post from HackRead.com Read the original post: Beirut Airport Screens Hacked with Anti-Hezbollah Message...
tzdata bug fix and enhancement update
An update is available for tzdata. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The tzdata packages contain data files with rules for various time zones. The...
[SECURITY] [DLA 3366-1] tzdata new timezone database
------------------------------------------------------------------------- Debian LTS Advisory DLA-3366-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort March 24, 2023 https://wiki.debian.org/LTS -...
Researchers Uncover Connection b/w Moses Staff and Emerging Abraham's Ax Hacktivists Group
New research has linked the operations of a politically motivated hacktivist group known as Moses Staff to another nascent threat actor named Abraham's Ax that emerged in November 2022. This is based on "several commonalities across the iconography, videography, and leak sites used by the groups,...
Researchers Uncover Custom Backdoors and Spying Tools Used by Polonium Hackers
A threat actor tracked as Polonium has been linked to over a dozen highly targeted attacks aimed at Israelian entities with seven different custom backdoors since at least September 2021. The intrusions were aimed at organizations in various verticals, such as engineering, information technology,...
Transtek Mojodat FAM 安全漏洞
Transtek Mojodat FAM is a fixed asset management software from Transtek Lebanon. A security vulnerability exists in Transtek Mojodat FAM Fixed Asset Management version 2.4.6, which originates from a vulnerability that could allow a remote attacker to gain access to other user's data after a...
Spyware Group Candiru exploits Chrome Zero-Day to Target Middle East
Threat Level Attack Report For a detailed advisory, download the pdf file here Summary CandiruSaito Tech spyware used the recently fixed CVE-2022-2294 Chrome zero-day in assaults on journalists, with a substantial portion of the attacks taking place in Lebanon. This recently patched vulnerability...