CVE-2019-25568

Memu Play 6.0.7 contains an insecure file permissions vulnerability that allows low-privilege users to escalate privileges by replacing the MemuService.exe executable. Attackers can rename and overwrite MemuService.exe in the installation directory with a malicious executable, which executes with...

CVE-2019-25568 Memu Play 6.0.7 Privilege Escalation via Insecure File Permissions

Memu Play 6.0.7 contains an insecure file permissions vulnerability that allows low-privilege users to escalate privileges by replacing the MemuService.exe executable. Attackers can rename and overwrite MemuService.exe in the installation directory with a malicious executable, which executes with...

CVE-2019-25568

Memu Play 6.0.7 contains an insecure file-permissions vulnerability that enables privilege escalation by replacing MemuService.exe in the installation directory with a malicious executable. An attacker can rename/overwrite MemuService.exe, causing the service to run at system level upon reboot. T...

Microvirt Memu Play 访问控制错误漏洞

Microvirt Memu Play is an Android emulator developed by Microvirt Corporation. Version 6.0.7 of Microvirt Memu Play contains a access control vulnerability, which stems from insecure file permissions. This vulnerability could allow low-privilege users to elevate their privileges by replacing the...

PT-2026-26913

Memu Play 6.0.7 contains an insecure file permissions vulnerability that allows low-privilege users to escalate privileges by replacing the MemuService.exe executable. Attackers can rename and overwrite MemuService.exe in the installation directory with a malicious executable, which executes with...

Google Adds 24-Hour Wait for Unverified App Sideloading to Reduce Malware and Scams

Google on Thursday announced a new "advanced flow" for Android sideloading that requires a mandatory 24-hour wait period to install apps from unverified developers in an attempt to balance openness with safety. The new changes come against the backdrop of a developer verification mandate the tech...

CVE-2026-4214

A flaw has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This issue affects the function...

CVE-2026-4214 D-Link DNS-1550-04 app_mgr.cgi UPnP_AV_Server_Path_Setting stack-based overflow

A flaw has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This issue affects the function...

BeatBanker Android Trojan Uses Silent Audio Loop to Steal Crypto

BeatBanker Android Trojan spreads via fake Google Play Store pages, using a silent audio loop to stay active while stealing crypto, banking data, and login credentials...

BeatBanker: A dual‑mode Android Trojan

Recently, we uncovered BeatBanker, an Android‑based malware campaign targeting Brazil. It spreads primarily through phishing attacks via a website disguised as the Google Play Store. To achieve their goals, the malicious APKs carry multiple components, including a cryptocurrency miner and a banki...

SUSE SLES16 Security Update : podman (SUSE-SU-2026:20626-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:20626-1 advisory. Changes in podman: - Add symlink to catatonit in /usr/libexec/podman bsc1248988 - CVE-2025-47914: Fixed...

SUSE SLED15 / SLES15 Security Update : freerdp (SUSE-SU-2026:0763-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0763-1 advisory. - CVE-2026-24491: heap-use-after-free in videotimer bsc1257981. - CVE-2026-24675: heap-use-after-free in...

Hacked App Part of US/Israeli Propaganda Campaign Against Iran

Wired has the story: Shortly after the first set of explosions, Iranians received bursts of notifications on their phones. They came not from the government advising caution, but from an apparently hacked prayer-timing app called BadeSaba Calendar that has been downloaded more than 5 million time...

SUSE SLES15 Security Update : freerdp (SUSE-SU-2026:0621-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0621-1 advisory. - CVE-2026-24491: heap-use-after-free in videotimer bsc1257981. - CVE-2026-24675: heap-use-after-free in urbselectinterface bsc1257982. -...

SUSE SLES12 Security Update : freerdp (SUSE-SU-2026:0762-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0762-1 advisory. - CVE-2026-22855: heap-buffer-overflow in smartcardunpacksetattribcall bsc1256721. - CVE-2026-22857: heap-use-after-free in irpthreadfunc...

OPENSUSE-SU-2026:20305-1 Security update for podman

This update for podman fixes the following issues: Changes in podman: - Add symlink to catatonit in /usr/libexec/podman bsc1248988 - CVE-2025-47914: Fixed golang.org/x/crypto/ssh/agent: non validated message size can cause a panic due to an out of bounds read bsc1253993 - CVE-2025-47913: Fixed...

SUSE-SU-2026:20641-1 Security update for podman

This update for podman fixes the following issues: Changes in podman: - Add symlink to catatonit in /usr/libexec/podman bsc1248988 - CVE-2025-47914: Fixed golang.org/x/crypto/ssh/agent: non validated message size can cause a panic due to an out of bounds read bsc1253993 - CVE-2025-47913: Fixed...

SUSE-SU-2026:20626-1 Security update for podman

This update for podman fixes the following issues: Changes in podman: - Add symlink to catatonit in /usr/libexec/podman bsc1248988 - CVE-2025-47914: Fixed golang.org/x/crypto/ssh/agent: non validated message size can cause a panic due to an out of bounds read bsc1253993 - CVE-2025-47913: Fixed...

SUSE-SU-2026:0763-1 Security update for freerdp

This update for freerdp fixes the following issues: - CVE-2026-24491: heap-use-after-free in videotimer bsc1257981. - CVE-2026-24675: heap-use-after-free in urbselectinterface bsc1257982. - CVE-2026-24676: heap-use-after-free in audioformatcompatible bsc1257983. - CVE-2026-24677:...

Security update for freerdp

This update for freerdp fixes the following issues: CVE-2026-22855: heap-buffer-overflow in smartcardunpacksetattribcall bsc1256721. CVE-2026-22857: heap-use-after-free in irpthreadfunc bsc1256723. CVE-2026-23533: improper validation can lead to heap buffer overflow in cleardecompressresidualdata...