Lucene search
K

39 matches found

Malwarebytes
Malwarebytes
added 2025/10/14 12:21 p.m.10 views

Pixel-stealing “Pixnapping” attack targets Android devices

Researchers at US universities have demonstrated how a malicious Android app can trick the system into leaking pixel data. That may sound harmless, but imagine if a malicious app on your Android device could glimpse tiny bits of information on your screen—even the parts you thought were secure,...

5.5CVSS6.2AI score0.00122EPSS
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-7987

Malware in sbrugna...

8.6CVSS8.8AI score0.01085EPSS
Exploits0References2
HackRead
HackRead
added 2025/10/06 6:4 p.m.4 views

Spyware Disguised as Signal and ToTok Apps Targets UAE Android Users

ESET warns of fake Signal and ToTok apps spreading Android spyware in the UAE, stealing contacts, messages, and chat backups from users...

7AI score
Exploits0
EUVD
EUVD
added 2025/10/03 8:7 p.m.20 views

EUVD-2025-17044

Malicious code in bioql PyPI...

6.4CVSS4.8AI score0.00257EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.12 views

EUVD-2025-14002

Malicious code in bioql PyPI...

4.8CVSS6.6AI score0.00323EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-14003

Malicious code in bioql PyPI...

4.9CVSS9.2AI score0.00394EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-32797

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.02192EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/06/08 3:16 a.m.22 views

CVE-2025-5715

A vulnerability was found in Signal App 7.41.4 on Android. It has been declared as problematic. This vulnerability affects unknown code of the component Biometric Authentication Handler. The manipulation leads to missing critical step in authentication. It is possible to launch the attack on the...

3.8CVSS4.2AI score0.00257EPSS
Exploits1References1
OSV
OSV
added 2025/06/06 4:15 a.m.8 views

CVE-2025-5715

A vulnerability was found in Signal App 7.41.4 on Android. It has been declared as problematic. This vulnerability affects unknown code of the component Biometric Authentication Handler. The manipulation leads to missing critical step in authentication. It is possible to launch the attack on the...

6.4CVSS4.2AI score0.00257EPSS
Exploits1References5
NVD
NVD
added 2025/06/06 4:15 a.m.11 views

CVE-2025-5715

A vulnerability was found in Signal App 7.41.4 on Android. It has been declared as problematic. This vulnerability affects unknown code of the component Biometric Authentication Handler. The manipulation leads to missing critical step in authentication. It is possible to launch the attack on the...

6.4CVSS0.00257EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/06/06 3:0 a.m.13 views

CVE-2025-5715 Signal App Biometric Authentication missing critical step in authentication

A vulnerability was found in Signal App 7.41.4 on Android. It has been declared as problematic. This vulnerability affects unknown code of the component Biometric Authentication Handler. The manipulation leads to missing critical step in authentication. It is possible to launch the attack on the...

3.8CVSS0.00257EPSS
Exploits1References4
CVE
CVE
added 2025/06/06 3:0 a.m.57 views

CVE-2025-5715

CVE-2025-5715 concerns Signal App 7.41.4 on Android with a vulnerability in the Biometric Authentication Handler causing a missing critical authentication step. The issue affects the authentication flow in the Biometric Authentication Handler component and can be exploited by attacking the physic...

6.4CVSS6.7AI score0.00257EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichment
added 2025/06/06 3:0 a.m.6 views

CVE-2025-5715 Signal App Biometric Authentication missing critical step in authentication

A vulnerability was found in Signal App 7.41.4 on Android. It has been declared as problematic. This vulnerability affects unknown code of the component Biometric Authentication Handler. The manipulation leads to missing critical step in authentication. It is possible to launch the attack on the...

3.8CVSS4.5AI score0.00257EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/06/06 12:0 a.m.7 views

PT-2025-24006 · Signal · Signal App

Name of the Vulnerable Software and Affected Versions: Signal App version 7.41.4 Description: A vulnerability was found in the Biometric Authentication Handler component, which affects the authentication process by missing a critical step. The attack can be launched on a physical device and has a...

3.8CVSS4AI score0.00257EPSS
Exploits1References8
CNNVD
CNNVD
added 2025/06/06 12:0 a.m.4 views

Signal App 安全漏洞

Signal App is an end-to-end encrypted secure messaging platform from Signal USA. A security vulnerability exists in Signal App version 7.41.4, which stems from a missing critical authentication step in the component Biometric Authentication Handler...

6.4CVSS5AI score0.00257EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/05/23 1:5 a.m.7 views

CVE-2022-28345

The Signal app before 5.34 for iOS allows URI spoofing via RTLO injection. It incorrectly renders RTLO encoded URLs beginning with a non-breaking space, when there is a hash character in the URL. This technique allows a remote unauthenticated attacker to send legitimate looking links, appearing t...

7.5CVSS7.2AI score0.02192EPSS
Exploits1References1
VulnCheck KEV
VulnCheck KEV
added 2025/05/08 12:0 a.m.5 views

VulnCheck KEV: CVE-2025-47730

The TeleMessage archiving backend through 2025-05-05 accepts API calls to request an authentication token from the TM SGNL aka Archive Signal app with the credentials of logfile for the user and enRR8UVVywXYbFkqUQDPRkO for the password...

7.5CVSS5.8AI score0.00323EPSS
Exploits0References1
Wired Threat Level
Wired Threat Level
added 2025/03/26 6:54 p.m.6 views

SignalGate Isn’t About Signal

The Trump cabinet’s shocking leak of its plans to bomb Yemen raises myriad confidentiality and legal issues. The security of the encrypted messaging app Signal is not one of them...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2025/03/20 6:8 a.m.13 views

CERT-UA Warns: Dark Crystal RAT Targets Ukrainian Defense via Malicious Signal Messages

The Computer Emergency Response Team of Ukraine CERT-UA is warning of a new campaign that targets the defense sectors with Dark Crystal RAT aka DCRat. The campaign, detected earlier this month, has been found to target both employees of enterprises of the defense-industrial complex and individual...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/06/07 7:13 a.m.15 views

SPECTR Malware Targets Ukraine Defense Forces in SickSync Campaign

The Computer Emergency Response Team of Ukraine CERT-UA has warned of cyber attacks targeting defense forces in the country with a malware called SPECTR as part of an espionage campaign dubbed SickSync. The agency attributed the attacks to a threat actor it tracks under the moniker UAC-0020, whic...

7.2AI score
Exploits0
Rows per page
Query Builder