OESA-2026-1069 fluidsynth security update

FluidSynth is a free software synthesizer. Its currently based on the SoundFont 2 specifications and supports real time MIDI effect controls. It can be used as a shared library for embedding in other applications, can play MIDI files and has a command line shell. Many other applications use...

CVE-2025-56225

fluidsynth-2.4.6 and earlier versions is vulnerable to Null pointer dereference in fluidsynthmonopoly.c, that can be triggered when loading an invalid midi file...

CVE-2025-56225

fluidsynth-2.4.6 and earlier versions is vulnerable to Null pointer dereference in fluidsynthmonopoly.c, that can be triggered when loading an invalid midi file...

CVE-2025-56225

CVE-2025-56225 affects fluidsynth-2.4.6 and earlier. The root cause is a NULL pointer dereference in fluid_synth_monopoly.c triggered when loading an invalid MIDI file. This can impact availability (CVE base score 7.5, HIGH). The connected advisories show patches/updates: Fedora advisories (FEDOR...

Black Hat USA 2024: AWS ‘Bucket Monopoly’ Flaw Led to Account Takeover

Black Hat USA 2024 is up and running at full pace as critical AWS vulnerabilities are exposed! Learn…...

U.S. Justice Department Sues Apple Over Monopoly and Messaging Security

The U.S. Department of Justice DoJ, along with 16 other state and district attorneys general, on Thursday accused Apple of illegally maintaining a monopoly over smartphones, thereby undermining, among other things, the security and privacy of users when messaging non-iPhone users. "Apple wraps...

The Hundred-Year Battle for India’s Radio Airwaves

The Indian government has a monopoly on radio news, allowing it to dictate what hundreds of millions of people hear. With an election approaching, that gives prime minister Narendra Modi a huge advantage...

Finnish Authorities Dismantle Notorious PIILOPUOTI Dark Web Drug Marketplace

Finnish law enforcement authorities have announced the takedown of PIILOPUOTI, a dark web marketplace that specialized in illegal narcotics trade since May 2022. "The site operated as a hidden service in the encrypted TOR network," the Finnish Customs aka Tulli said in a brief announcement on...

Operation SpecTor: $53.4 Million Seized, 288 Vendors Arrested in Dark Web Drug Bust

An international law enforcement operation has resulted in the arrest of 288 vendors who are believed to be involved in drug trafficking on the dark web, adding to a long list of criminal enterprises that have been shuttered in recent years. The effort, codenamed Operation SpecTor, also saw the...

Cops Just Revealed a Record-Breaking Dark Web Dragnet

Operation SpecTor likely drew on leads from multiple dark web market busts, including the secret takedown of Monopoly Market in 2021...

live-monopoly.nl Cross Site Scripting vulnerability OBB-2475231

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Me on App Store Monopolies and Security

There are two bills working their way through Congress that would force companies like Apple to allow competitive app stores. Apple hates this, since it would break its monopoly, and its making a variety of security arguments to bolster its argument. I have written a rebuttal: I would like to...

McDonald’s Email Blast Includes Password to Monopoly Game Database

McDonald’s UK Monopoly VIP game kicked off at the end of August, and a recent round of emails sent to winners of the game’s various prizes included more than a coupon for free fries. The franchise accidentally inserted passwords for a McDonald’s server that hosted information tied to the UK...

Bad Apple: App Store Rife with Fraud, Fleeceware

A new analysis from the Washington Post reveals just how widespread fraud is across the Apple App Store, while also offering glimpse into the revenue flowing into Cupertino generated by those malicious activities. The Apple App Store has been under heightened scrutiny for maintaining its iron gri...

A week in security (December 7 – December 13)

Last week on Malwarebytes podcast we talked to Doug Levin, founder of the K12 cybersecurity resource center and advisor to the K12 Security Information Exchange, about how schools can plan for a cybersecure 2021. We also released a Malwarebytes Labs report revealing that 50 percent of schools did...

Hacking the McDonald's Monopoly Sweepstakes

Long and interesting story -- now two decades old -- of massive fraud perpetrated against the McDonald's Monopoly sweepstakes. The central fraudster was the person in charge of securing the winning tickets...

Open Monopoly - Dangerous filesystem permissions, Exported components, External URLs vulnerabilities

HackApp vulnerability scanner discovered that application Open Monopoly published at the 'play' market has multiple vulnerabilities...

My Monopoly - Exported components, External URLs, Possible privilege escalation vulnerabilities

HackApp vulnerability scanner discovered that application My Monopoly published at the 'play' market has multiple vulnerabilities...

Boardwalk Bingo: MONOPOLY - Dynamic Code Loading, External URLs, SD-card access vulnerabilities

HackApp vulnerability scanner discovered that application Boardwalk Bingo: MONOPOLY published at the 'play' market has multiple vulnerabilities...

MONOPOLY Slots - Customized SSL, Redefined SSL Common Names verifier, WebView SSL handling enabled vulnerabilities

HackApp vulnerability scanner discovered that application MONOPOLY Slots published at the 'play' market has multiple vulnerabilities...