42 matches found
Car Tyre Sensors Can Be Used to Track Drivers Without Their Knowledge
New research from IMDEA Networks reveals how unencrypted signals from tyre pressure sensors in brands like Toyota and Mercedes can be used for covert vehicle tracking. Learn how these low-cost systems can map out your daily routines and why current regulations fail to protect driver privacy...
CVE-2026-27967
Zed, a code editor, has a symlink escape vulnerability in versions prior to 0.225.9 in Agent file tools readfile, editfile. It allows reading and writing files outside the project directory when a project contains symbolic links pointing to external paths. This bypasses the intended workspace...
CVE-2026-27967 Symlink Escape in Agent File Tools
Zed, a code editor, has a symlink escape vulnerability in versions prior to 0.225.9 in Agent file tools readfile, editfile. It allows reading and writing files outside the project directory when a project contains symbolic links pointing to external paths. This bypasses the intended workspace...
EUVD-2026-8777
Zed, a code editor, has a symlink escape vulnerability in versions prior to 0.225.9 in Agent file tools readfile, editfile. It allows reading and writing files outside the project directory when a project contains symbolic links pointing to external paths. This bypasses the intended workspace...
CVE-2026-27967
Zed, a code editor, has a symlink escape vulnerability in versions prior to 0.225.9 in Agent file tools readfile, editfile. It allows reading and writing files outside the project directory when a project contains symbolic links pointing to external paths. This bypasses the intended workspace...
CVE-2026-27967
CVE-2026-27967 affects Zed code editor before 0.225.9. A symlink escape in Agent file tools (read_file, edit_file) lets reading/writing files outside the project directory when a project contains external symlinks, bypassing workspace boundaries and privacy protections (file_scan_exclusions, priv...
CVE-2026-27967 Symlink Escape in Agent File Tools
Zed, a code editor, has a symlink escape vulnerability in versions prior to 0.225.9 in Agent file tools readfile, editfile. It allows reading and writing files outside the project directory when a project contains symbolic links pointing to external paths. This bypasses the intended workspace...
CVE-2026-27967 Symlink Escape in Agent File Tools
Zed, a code editor, has a symlink escape vulnerability in versions prior to 0.225.9 in Agent file tools readfile, editfile. It allows reading and writing files outside the project directory when a project contains symbolic links pointing to external paths. This bypasses the intended workspace...
Are we ready for ChatGPT Health?
How comfortable are you with sharing your medical history with an AI? I’m certainly not. OpenAI’s announcement about its new ChatGPT Health program prompted discussions about data privacy and how the company plans to keep the information users submit safe. ChatGPT Health is a dedicated “health...
EUVD-2022-52277
Malicious code in bioql PyPI...
EUVD-2025-15920
Malicious code in bioql PyPI...
Electron Capture 安全漏洞
Electron Capture is a window capture software by Steve Seguin Personal Developer. A security vulnerability exists in Electron Capture 2.19.1 and earlier versions, which stems from a vulnerability that allows bypassing macOS TCC privacy protections and could lead to arbitrary Node.js code executio...
Thwart Me If You Can: an Empirical Analysis of Android Platform Armoring against Stalkerware
Stalkerware is a serious threat to individuals' privacy that is receiving increased attention from the security and privacy research communities. Existing works have largely focused on studying leading stalkerware apps, dual-purpose apps, monetization of stalkerware, or the experience of survivor...
Balancing Privacy and Utility in Correlated Data: a Study of Bayesian Differential Privacy
Privacy risks in differentially private DP systems increase significantly when data is correlated, as standard DP metrics often underestimate the resulting privacy leakage, leaving sensitive information vulnerable. Given the ubiquity of dependencies in real-world databases, this oversight poses a...
New Way to Covertly Track Android Users
Researchers have discovered a new way to covertly track Android users. Both Meta and Yandex were using it, but have suddenly stopped now that they have been caught. The details are interesting, and worth reading in detail: Tracking code that Meta and Russia-based Yandex embed into millions of...
CVE-2022-30334
Brave before 1.34, when a Private Window with Tor Connectivity is used, leaks .onion URLs in Referer and Origin headers. NOTE: although this was fixed by Brave, the Brave documentation still advises "Note that Private Windows with Tor Connectivity in Brave are just regular private windows that us...
iOS 18 is out. Here are the new privacy and security features
On September 16, 2024, Apple released iOS 18. Besides a lot of exciting new features, iOS 18 comes with some privacy and security enhancements. One of the most promising new features is the new Passwords app. Built on the foundation of Apple's password management system Keychain, Passwords makes ...
An Alleged Russian Spy Was Busted Trying to Intern at The Hague
Plus: Firefox adds new privacy protections, a big Intel and AMD chip flaw, and more of the week’s top security news...
Biden wants stronger privacy protections, no targeted ads for children
On March 1, US President Joe Biden gave his first State of the Union Address SOTU speech to Congress. In it, Biden highlighted the dire need to get help for teens with mental health issues. He demanded tech companies implement more robust privacy protections for kids and teens using their online...
Your Amazon Devices to Automatically Share Your Wi-Fi With Neighbors
Starting June 8, Amazon will automatically enable a feature on its family of hardware devices, including Echo speakers, Ring Video Doorbells, Ring Floodlight Cams, and Ring Spotlight Cams, that will share a small part of your Internet bandwidth with nearby neighbors — unless you choose to opt-out...