EUVD-2021-10342

Malware in sbrugna...

AT&T Confirms Data Breach Affecting Nearly All Wireless Customers

American telecom service provider AT&T has confirmed that threat actors managed to access data belonging to "nearly all" of its wireless customers as well as customers of mobile virtual network operators MVNOs using AT&T's wireless network. "Threat actors unlawfully accessed an AT&T workspace on ...

Critical OAuth Vulnerability in Expo Framework Allows Account Hijacking

A critical security vulnerability has been disclosed in the Open Authorization OAuth implementation of the application development framework Expo.io. The shortcoming, assigned the CVE identifier CVE-2023-28131, has a severity rating of 9.6 on the CVSS scoring system. API security firm Salt Labs...

Broward Breach Highlights Healthcare Supply-Chain Problems

This week’s announcement by Florida’s Broward Health System that the most intimate medical data of 1,357,879 of its patients was breached in the fall should serve as a warning that the healthcare software supply chain will be a juicy target for cybercriminals as we head into 2022, researchers war...

CVE-2021-23243

In Oppo's battery application, the third-party SDK provides the function of loading a third-party Provider, which can be used...

Ubiquiti: Change Your Password, Enable 2FA

Ubiquiti, a major vendor of cloud-enabled Internet of Things IoT devices such as routers, network video recorders, security cameras and access control systems, is urging customers to change their passwords and enable multi-factor authentication. The company says an incident at a third-party cloud...

Synology SRM dnsExit DDNS provider information disclosure vulnerability

Summary An information disclosure vulnerability exists in the dnsExit DDNS provider functionality of Synology SRM 1.2.3 RT2600ac 8017-5. A specially crafted man-in-the-middle attack can steal the dnsExit credentials to take over the registered subdomain. An attacker can impersonate the remote...

Gratipay: 400 Bad Request [Use a third-party provider to sign in or create an account on Gratipay]

hi team .. i can not login or sign up with third-party social media like facebook , google , twitter ... i check one of them it show me message error 400 Bad Request please fixed soon...

Possible Breach Results in Shutdown of Many Retail Photo Services

A potential data breach at a third-party provider has resulted in the shut down of retail photo-printing services at a number of chains, including CVS, Costco, Rite Aid, and several others. The breach reportedly hit PNI Digital Media, a Canadian company that provides the online photo platform for...