EUVD-2026-31821

When the DLP is active, the UserCheck Web Portal contains an input-handling issue in the UserChoice flow. Under specific conditions, an attacker who can access the UserCheck Ask page could attempt to manipulate the Security Gateway's stored DLP/UserCheck incident information. This could lead to...

CVE-2026-48134 SQL injection issue in UserCheck Portal when DLP Software Blade is active

When the DLP is active, the UserCheck Web Portal contains an input-handling issue in the UserChoice flow. Under specific conditions, an attacker who can access the UserCheck Ask page could attempt to manipulate the Security Gateway's stored DLP/UserCheck incident information. This could lead to...

CVE-2026-48134

The CVE-2026-48134 issue affects Check Point’s UserCheck Portal when the DLP blade is active, applying to UserCheck’s Web Portal UserChoice input handling. The root cause is an input-handling flaw that could allow an attacker with access to the UserCheck Ask page to manipulate stored DLP/UserChec...

Unable to save default application on UPM on Windows Desktop OS VDAs after February MS updates

After Microsoft Windows Updates on February 2024, Desktop OS VDAs using Citrix Profile Manager UPM profiles are unable to save default applications As part of the February 2024 updates KB5034763 for Windows 10 and KB5034765 for Windows 11, Microsoft introduced a new driver called the "User Choice...

Is Apple about to embrace third-party app stores?

On Tuesday, Bloomberg reported that Apple is preparing to allow access to third-party app stores on all iPhone and iPad devices owned by EU users, in anticipation of a new EU competition law coming into force in mid-2024. If the reporting is correct, then in future users in the EU will no longer ...

Information disclosure

Nextcloud iOS before 3.4.2 suffers from an information disclosure vulnerability when searches for sharees utilize the lookup server by default instead of only on the local Nextcloud server unless a global search has been explicitly chosen by the user...

Amazon Sidewalk starts sharing your WiFi tomorrow, thanks

Amazon smart device owners only have until June 8 to opt out of a new program that will group their Echo speakers and Ring doorbells into a shared wireless network with their neighbors, a new feature that the shopping giant claims will provide better stability for smart devices during initial set...

Your device, your choice: AdwCleaner now detects preinstalled software

For years, Malwarebytes has held firm to a core belief about you, the user: You should be able to decide for yourself which apps, programs, browsers, and other software end up on your computer, tablet, or mobile phone. Basically, it’s your device, your choice. With the latest update to Malwarebyt...

A user’s right to choose: Why Malwarebytes detects Potentially Unwanted Programs (PUPs)

Potentially Unwanted Programs PUPs: the name says it all. While the programs themselves might have legitimate uses, their vendors often use inappropriate methods to drive downloads or hide within a program bundle. At Malwarebytes, we feel we have an obligation to help protect our customers from...

EFF, AdBlock and Others Launch New Do Not Track Standard

After years of discussions, disagreements, and digressions, the Do Not Track header is supported by all of the major browsers. But because there’s no real requirement for sites or advertisers to respect it, DNT is not as effective as it could be. Now, the EFF, Disconnect, and several other...

CVE-2015-1274

Google Chrome before 44.0.2403.89 does not ensure that the auto-open list omits all dangerous file types, which makes it easier for remote attackers to execute arbitrary code by providing a crafted file and leveraging a user's previous "Always open files of this type" choice, related to...

CVE-2015-1274

Removed by vendor...

Google Implements Do Not Track in Chrome 23

Nearly two years after other browser vendors implemented it, Google on Tuesday finally released a version of Chrome that supports the Do Not Track functionality that helps users prevent Web sites from following their movements around the Web. Google’s move to include the technology is a response ...

Calling Foul on the Political Football That is Do Not Track

It looks like it’s time for a do-over for DNT. The oft-maligned specification has become—like many other standards efforts before it—a political football. Parties with interests on both sides of the issue have their own agendas, cannot agree on semantics and ignore, in this case, what should be t...

Apache Blocks IE 10 Do Not Track Privacy Setting

The co-founder of the Apache HTTP Server Project is under fire for a patch that instructs the world’s most popular Web server to ignore the Do Not Track privacy setting enabled by default in Internet Explorer 10. Do Not Track is a specification under consideration by the W3C and under development...

Mozilla Releases Field Guide to Do Not Track

Mozilla has released a comprehensive guide to the use and implementation of the Do Not Track technology that’s included in its Firefox browser, in an effort to give developers and advertisers a better handle on how the technology works and how users are taking advantage of it. The Do Not Track...