The set of vulnerabilities, collectively known as 5Ghoul, impacts USB and IoT modems as well as smartphones running Android and iOS, affecting 714 smartphones from 24 brands.

The Android app Barcode to Sheet, with over 100k downloads, has left sensitive user data exposed due to an open instance, including plaintext enterprise data and weakly hashed passwords.

By collaborating with state enforcers, the FCC can enhance its investigative efforts, share information, and leverage tools to address consumer harms more effectively in the realm of privacy and cybersecurity.

New records obtained through a public records request reveal that over 22,000 people were affected by a data breach at the Sweetwater Union High School District in California.

Experts suggest that the updated Terms of Use may not protect 23andMe from lawsuits, as it could be challenging to prove that users were given reasonable notice to opt out of the new terms.

The affected data was limited to information related to the franchise partner’s operations in a specific overseas territory and did not include any financial or payment card information.

Progress Software has disclosed two new high-severity vulnerabilities in its MOVEit file-transfer service, bringing the total number of vulnerabilities to eight since a zero-day exploit in May.

Hackers are using the free website Genial.ly to send phishing links as part of a Business Compromise 3.0 attack. Users receive legitimate-looking emails inviting them to click on a link to view content created in Genial.ly.

This malware is a Python-based information stealer compressed with cx-Freeze to evade detection. MrAnon Stealer steals its victims’ credentials, system information, browser sessions, and cryptocurrency extensions.

This vulnerability could allow attackers to run arbitrary PHP code on a target website. The vulnerability is a Property Oriented Programming (POP) chain that requires an attacker to control all the properties of a deserialized object.