PT-2026-7746

Name of the Vulnerable Software and Affected Versions macOS versions prior to Tahoe 26.3 macOS versions prior to Sonoma 14.8.4 macOS versions prior to Sequoia 15.7.4 iOS versions prior to 18.7.5 iPadOS versions prior to 18.7.5 Description An application may be able to bypass certain Privacy...

Apple Xcode security vulnerabilities

Apple Xcode is an integrated development environment provided by the American company Apple for developers. It is primarily used for developing applications for Mac OS X and iOS platforms. Versions of Apple Xcode prior to 16.3 contained security vulnerabilities due to permission issues, which cou...

Telegram to Add Warning for Proxy Links After IP Leak Concerns

Telegram will add a warning for proxy links after reports showed they can expose user IP addresses with a single click, bypassing VPN or privacy settings...

8 WhatsApp Features to Boost Your Security and Privacy

Meta’s end-to-end encrypted messaging app is used by billions of people. Here’s how to make sure you’re one of the most locked-down ones out there...

CVE-2025-66027 Rallly Information Disclosure Vulnerability in Participant API Leaks Names and Emails Despite Pro Privacy Settings

Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.6, an information disclosure vulnerability exposes participant details, including names and email addresses through the /api/trpc/polls.get,polls.participants.list endpoint, even when Pro privacy features are enabled...

Apple多款产品 安全漏洞

Apple iOS and others are products of Apple Inc. Apple iOS is an operating system developed for mobile devices.Apple iPadOS is an operating system for iPad tablets.Apple visionOS is an operating system for AR glasses. A security vulnerability exists in several Apple products, which stems from an...

Apple macOS 安全漏洞

Apple macOS is a suite of specialized operating systems developed for Mac computers by Apple Inc. in the United States. A security vulnerability exists in Apple macOS Sequoia prior to version 15.7, which stems from insufficient symbolic link validation and could lead to bypassing privacy...

Meta Rolls Out New Tools to Protect WhatsApp and Messenger Users from Scams

Meta on Tuesday said it's launching new tools to protect Messenger and WhatsApp users from potential scams. To that end, the company said it's introducing new warnings on WhatsApp when users attempt to share their screen with an unknown contact during a video call so as to prevent them from givin...

EUVD-2012-0617

Malware in sbrugna...

EUVD-2020-5612

Malware in sbrugna...

EUVD-2025-28457

Malicious code in bioql PyPI...

EUVD-2025-11354

Malicious code in bioql PyPI...

EUVD-2024-2223

Malicious code in bioql PyPI...

EUVD-2023-31043

Malicious code in bioql PyPI...

EUVD-2023-45600

Malicious code in bioql PyPI...

LinkedIn will use your data to train its AI unless you opt out now

LinkedIn plans to share user data with Microsoft and its affiliates for AI training. Framed as "legitimate interest", it won't ask for your permission—instead you'll have to opt out before the deadline. Microsoft has made major investments in ChatGPT’s creator OpenAI, and as we know, the more dat...

CVE-2025-5275

The Charitable – Donation Plugin for WordPress – Fundraising with Recurring Donations & More plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the privacy settings fields in all versions up to, and including, 1.8.6.1 due to insufficient input sanitization and output escaping...

CVE-2025-5275

CVE-2025-5275 covers a Stored XSS in the WordPress plugin Charitable – Donation Plugin for WordPress – Fundraising with Recurring Donations & More (versions up to 1.8.6.1). Root cause: insufficient input sanitization and output escaping in privacy settings. Exploitation requires authenticated adm...

Tracking GPTs Third Party Service: Automation, Analysis, and Insights

ChatGPT has quickly advanced from simple natural language processing to tackling more sophisticated and specialized tasks. Drawing inspiration from the success of mobile app ecosystems, OpenAI allows developers to create applications that interact with third-party services, known as GPTs. GPTs ca...

Mattermost Server 9.11.x < 9.11.13 / 10.5.x < 10.5.4 / 10.6.x < 10.6.3 / 10.7.1 Multiple Vulnerabilities (MMSA-2025-00458, MMSA-2025-00463, MMSA-2025-00467)

The version of Mattermost Server installed on the remote host is prior to 9.11.13, 10.5.4, 10.6.3, or 10.7.0. It is, therefore, affected by multiple vulnerabilities as referenced in the MMSA-2025-00458, MMSA-2025-00463, MMSA-2025-00467 advisories. - Mattermost versions 10.7.x = 10.7.0, 10.6.x =...