226 matches found
CVE-2026-50211 Exposed Factory Testing App Boundaries
Leftover engineering diagnostics and factory-level diagnostic software remain exposed on retail builds, giving malicious apps write privileges to internal NVRAM registers...
CVE-2026-32684
The application does not impose strict enough restrictions on directory access permissions, posing a risk that other malicious applications could obtain sensitive information...
EUVD-2026-29447
The application does not impose strict enough restrictions on directory access permissions, posing a risk that other malicious applications could obtain sensitive information...
CVE-2026-32684
The application does not impose strict enough restrictions on directory access permissions, posing a risk that other malicious applications could obtain sensitive information...
CVE-2026-32684
The application does not impose strict enough restrictions on directory access permissions, posing a risk that other malicious applications could obtain sensitive information...
CVE-2026-32684
Technical details are not publicly available in the provided documents. Monitor for updates.
CVE-2026-32684
The application does not impose strict enough restrictions on directory access permissions, posing a risk that other malicious applications could obtain sensitive information...
CVE-2026-32684
The application does not impose strict enough restrictions on directory access permissions, posing a risk that other malicious applications could obtain sensitive information...
PT-2026-40005
The application does not impose strict enough restrictions on directory access permissions, posing a risk that other malicious applications could obtain sensitive information...
Apple macOS 安全漏洞
Apple macOS is a proprietary operating system developed by the American company Apple for Mac computers. Versions of Apple macOS Sequoia 15.1 had a security vulnerability due to insufficient checks, which could allow malicious applications to modify the protected portion of the file system...
ThreatsDay Bulletin: OAuth Trap, EDR Killer, Signal Phishing, Zombie ZIP, AI Platform Hack & More
Another Thursday, another pile of weird security stuff that somehow happened in just seven days. Some of it is clever. Some of it is lazy. A few bits fall into that uncomfortable category of “yeah… this is probably going to show up in real incidents sooner than we’d like.” The pattern this week...
OAuth redirection abuse enables phishing and malware delivery
Microsoft observed phishing-led exploitation of OAuth’s by-design redirection mechanisms. The activity targets government and public-sector organizations and uses silent OAuth authentication flows and intentionally invalid scopes to redirect victims to attacker-controlled infrastructure without...
Would You Click ‘Accept’? Automatically detecting malicious Azure OAuth applications using LLMs
How Wiz Research automates detection of emerging malicious Azure app and consent phishing campaigns...
Apple macOS 安全漏洞
Apple macOS is a proprietary operating system developed by the American company Apple for Mac computers. Versions of Apple macOS Tahoe prior to 26.3 contained a security vulnerability. This vulnerability stemmed from improper editing of log data, which could allow malicious applications to access...
CVE-2020-12492
Improper handling of WiFi information by framework services can allow certain malicious applications to obtain sensitive information...
EUVD-2025-201354
A flaw exists in the verification of application installation sources within ColorOS. Under specific conditions, this issue may cause the risk detection mechanism to fail, which could allow malicious applications to be installed without proper warning...
CVE-2025-27389 Application Installation Source Verification Flaw May Lead to Risk Detection Bypass
A flaw exists in the verification of application installation sources within ColorOS. Under specific conditions, this issue may cause the risk detection mechanism to fail, which could allow malicious applications to be installed without proper warning...
PT-2025-49188
A flaw exists in the verification of application installation sources within ColorOS. Under specific conditions, this issue may cause the risk detection mechanism to fail, which could allow malicious applications to be installed without proper warning...
EUVD-2021-23619
Malware in sbrugna...
EUVD-2017-17165
Malware in sbrugna...