Med-Mastodon

Shine My CrownBeauty, Vulnerability, And Bravery: What We’re Learning From Halle Bailey’s Emotional New Anthem <a href="https://shinemycrown.com/beauty-vulnerability-and-bravery-what-were-learning-from-halle-baileys-emotional-new-anthem/?utm_source=dlvr.it&utm_medium=mastodon" rel="nofollow noopener" translate="no" target="_blank">https://shinemycrown.com/beauty-vulnerability-and-bravery-what-were-learning-from-halle-baileys-emotional-new-anthem/?utm_source=dlvr.it&utm_medium=mastodon</a> <a href="https://newsie.social/tags/Beauty" class="mention hashtag" rel="nofollow noopener" target="_blank">#Beauty</a> <a href="https://newsie.social/tags/Vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#Vulnerability</a> <a href="https://newsie.social/tags/Bravery" class="mention hashtag" rel="nofollow noopener" target="_blank">#Bravery</a> <a href="https://newsie.social/tags/HalleBailey" class="mention hashtag" rel="nofollow noopener" target="_blank">#HalleBailey</a> <a href="https://newsie.social/tags/Braveface" class="mention hashtag" rel="nofollow noopener" target="_blank">#Braveface</a>

Alexandre DulaunoyI’ll do an online session about GCVE in 30 minutes. If you want to join, all details are below.<a href="https://infosec.exchange/tags/gcve" class="mention hashtag" rel="nofollow noopener" target="_blank">#gcve</a> <a href="https://infosec.exchange/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#vulnerability</a> <a href="https://infosec.exchange/tags/vulnerabilitymanagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#vulnerabilitymanagement</a> <a href="https://infosec.exchange/@gcve@social.circl.lu/114873102367912236" translate="no" rel="nofollow noopener" target="_blank">https://infosec.exchange/@gcve@social.circl.lu/114873102367912236</a>

BeyondMachines :verified:Oracle releases July 2025 Critical Patch Update addressing 309 vulnerabilitiesOracle released its July 2025 Critical Patch Update addressing 309 security vulnerabilities across its product ecosystem, including multiple critical flaws that enable remote code execution without authentication in products like Oracle Middleware, Managed File Transfer, and Healthcare systems.**One more massive patch release covering all products of Oracle. Make sure you review the list of products with critical vulnerabilities, then go through the full list. It's going to be a long patching process. Prioritize products with critical flaws and move onward. As usual, always make a backup before running a patch on Oracle product.** <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#infosec</a> <a href="https://infosec.exchange/tags/advisory" class="mention hashtag" rel="nofollow noopener" target="_blank">#advisory</a> <a href="https://infosec.exchange/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#vulnerability</a> <a href="https://beyondmachines.net/event_details/oracle-releases-july-2025-critical-patch-update-addressing-309-vulnerabilities-8-m-y-2-k/gD2P6Ple2L" rel="nofollow noopener" translate="no" target="_blank">https://beyondmachines.net/event_details/oracle-releases-july-2025-critical-patch-update-addressing-309-vulnerabilities-8-m-y-2-k/gD2P6Ple2L</a>

BillIf you are genuinely interested in keeping shit safe, this has to be at least of some interest. Even if LLMs on a cron job are your kryptonite.<a href="https://thehackernews.com/2025/07/google-ai-big-sleep-stops-exploitation.html?m=1" rel="nofollow noopener" translate="no" target="_blank">https://thehackernews.com/2025/07/google-ai-big-sleep-stops-exploitation.html?m=1</a><a href="https://infosec.exchange/tags/agenticai" class="mention hashtag" rel="nofollow noopener" target="_blank">#agenticai</a> <a href="https://infosec.exchange/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#vulnerability</a>

:verified: domenukOur Big Sleep LLM Agent found critical vulns 📈📈📈<a href="https://blog.google/technology/safety-security/cybersecurity-updates-summer-2025/" rel="nofollow noopener" translate="no" target="_blank">https://blog.google/technology/safety-security/cybersecurity-updates-summer-2025/</a> <a href="https://infosec.exchange/tags/BigSleep" class="mention hashtag" rel="nofollow noopener" target="_blank">#BigSleep</a> <a href="https://infosec.exchange/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#vulnerability</a>

CVE ProgramMinutes from the CVE Board teleconference meeting on June 25 are now available <a href="https://www.mail-archive.com/cve-editorial-board-list@mitre.org/msg00277.html" rel="nofollow noopener" translate="no" target="_blank">https://www.mail-archive.com/cve-editorial-board-list@mitre.org/msg00277.html</a> <a href="https://mastodon.social/tags/cve" class="mention hashtag" rel="nofollow noopener" target="_blank">#cve</a> <a href="https://mastodon.social/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#vulnerability</a> <a href="https://mastodon.social/tags/vulnerabilitymanagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#vulnerabilitymanagement</a> <a href="https://mastodon.social/tags/hssedi" class="mention hashtag" rel="nofollow noopener" target="_blank">#hssedi</a> <a href="https://mastodon.social/tags/cisa" class="mention hashtag" rel="nofollow noopener" target="_blank">#cisa</a> <a href="https://mastodon.social/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#infosec</a> <a href="https://mastodon.social/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#cybersecurity</a>

Pyrzout :vm:Researchers Jailbreak Elon Musk’s Grok-4 AI Within 48 Hours of Launch – Source:hackread.com <a href="https://ciso2ciso.com/researchers-jailbreak-elon-musks-grok-4-ai-within-48-hours-of-launch-sourcehackread-com/" rel="nofollow noopener" translate="no" target="_blank">https://ciso2ciso.com/researchers-jailbreak-elon-musks-grok-4-ai-within-48-hours-of-launch-sourcehackread-com/</a> <a href="https://social.skynetcloud.site/tags/1CyberSecurityNewsPost" class="mention hashtag" rel="nofollow noopener" target="_blank">#1CyberSecurityNewsPost</a> <a href="https://social.skynetcloud.site/tags/artificialintelligence" class="mention hashtag" rel="nofollow noopener" target="_blank">#artificialintelligence</a> <a href="https://social.skynetcloud.site/tags/CyberSecurityNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#CyberSecurityNews</a> <a href="https://social.skynetcloud.site/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#cybersecurity</a> <a href="https://social.skynetcloud.site/tags/Vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#Vulnerability</a> <a href="https://social.skynetcloud.site/tags/NeuralTrust" class="mention hashtag" rel="nofollow noopener" target="_blank">#NeuralTrust</a> <a href="https://social.skynetcloud.site/tags/Jailbreak" class="mention hashtag" rel="nofollow noopener" target="_blank">#Jailbreak</a> <a href="https://social.skynetcloud.site/tags/ElonMusk" class="mention hashtag" rel="nofollow noopener" target="_blank">#ElonMusk</a> <a href="https://social.skynetcloud.site/tags/Hackread" class="mention hashtag" rel="nofollow noopener" target="_blank">#Hackread</a> <a href="https://social.skynetcloud.site/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#security</a> <a href="https://social.skynetcloud.site/tags/twitter" class="mention hashtag" rel="nofollow noopener" target="_blank">#twitter</a> <a href="https://social.skynetcloud.site/tags/Grok4" class="mention hashtag" rel="nofollow noopener" target="_blank">#Grok4</a> <a href="https://social.skynetcloud.site/tags/xAI" class="mention hashtag" rel="nofollow noopener" target="_blank">#xAI</a> <a href="https://social.skynetcloud.site/tags/AI" class="mention hashtag" rel="nofollow noopener" target="_blank">#AI</a> <a href="https://social.skynetcloud.site/tags/X" class="mention hashtag" rel="nofollow noopener" target="_blank">#X</a>

BilleSIM vulnerability discovered. That's gonna be a rough one to fix if it is genuinely exploitable.<a href="https://security-explorations.com/esim-security.html" rel="nofollow noopener" translate="no" target="_blank">https://security-explorations.com/esim-security.html</a><a href="https://infosec.exchange/tags/iot" class="mention hashtag" rel="nofollow noopener" target="_blank">#iot</a> <a href="https://infosec.exchange/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#vulnerability</a>

Who Let The Dogs Out 🐾FortiWeb взломан изнутри: SQL-инъекция 9.6/10 позволяет писать код в БД<a href="https://mastodon.ml/tags/CVE" class="mention hashtag" rel="nofollow noopener" target="_blank">#CVE</a> <a href="https://mastodon.ml/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#vulnerability</a> <a href="https://mastodon.ml/tags/FortiWeb" class="mention hashtag" rel="nofollow noopener" target="_blank">#FortiWeb</a> В компоненте Fabric Connector (интеграция продуктов Fortinet) обнаружена (<a href="https://fortiguard.fortinet.com/psirt/FG-IR-25-151" rel="nofollow noopener" translate="no" target="_blank">https://fortiguard.fortinet.com/psirt/FG-IR-25-151</a>) критическая уязвимость CVE-2025-25257 (9.6/10 CVSS). Атакующий без авторизации мог: → Выполнять произвольные SQL-запросы через поддельный Bearer-токен в заголовке Authorization; → Использовать SELECT... INTO OUTFILE для записи вредоносного кода на диск; → Запускать код через Python, получая полный контроль над системой (от имени пользователя mysql).Уязвимые версии: FortiWeb 7.6.0–7.6.3, 7.4.0–7.4.7, 7.2.0–7.2.10, 7.0.0–7.0.10. Решение: Срочно обновиться до 7.6.4, 7.4.8, 7.2.11 или 7.0.11. До патча — отключить веб-интерфейсы HTTP/HTTPS.Как починили? Fortinet заменила небезопасные форматные строки на подготовленные выражения (prepared statements), блокирующие SQL-инъекции. Уязвимость нашёл Кентаро Кавана (GMO Cybersecurity) — эксперт по взлому Cisco.

Alexandre DulaunoyWrapped up an energising Vulnerability Lookup workshop during <a href="https://social.circl.lu/@circl" class="u-url mention" rel="nofollow noopener" target="_blank">@circl</a>’s Virtual Summer School 2025.Video and slides are now available. Big thanks to everyone who joined the discussions.:youtube: Video <a href="https://youtu.be/imkPqA-1mVE" rel="nofollow noopener" translate="no" target="_blank">https://youtu.be/imkPqA-1mVE</a> 📜 Slides <a href="https://www.vulnerability-lookup.org/files/events/2025/VSS-2025-VulnerabilityLookup.pdf" rel="nofollow noopener" translate="no" target="_blank">https://www.vulnerability-lookup.org/files/events/2025/VSS-2025-VulnerabilityLookup.pdf</a><a href="https://infosec.exchange/tags/opensource" class="mention hashtag" rel="nofollow noopener" target="_blank">#opensource</a> <a href="https://infosec.exchange/tags/gcve" class="mention hashtag" rel="nofollow noopener" target="_blank">#gcve</a> <a href="https://infosec.exchange/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#vulnerability</a> <a href="https://infosec.exchange/tags/vulnerabilitymanagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#vulnerabilitymanagement</a> <a href="https://social.circl.lu/@gcve" class="u-url mention" rel="nofollow noopener" target="_blank">@gcve</a> <a href="https://fosstodon.org/@cedric" class="u-url mention" rel="nofollow noopener" target="_blank">@cedric</a> <a href="https://social.yoyodyne-it.eu/@rafi0t" class="u-url mention" rel="nofollow noopener" target="_blank">@rafi0t</a>

Fossery Tech :debian: :gnome:(more Linux news in original post)Initramfs vulnerability lets attackers with physical access compromise encrypted systems by entering incorrect password several times and accessing the debug shell on Ubuntu 25.04 and Fedora 42 systems: <a href="https://www.omgubuntu.co.uk/2025/07/ubuntu-security-initramfs-bypass-encryption" rel="nofollow noopener" translate="no" target="_blank">https://www.omgubuntu.co.uk/2025/07/ubuntu-security-initramfs-bypass-encryption</a>Linux kernel 6.15.6 and 6.12.37 LTS deliver TSA (Transient Scheduler Attacks) mitigations: <a href="https://www.phoronix.com/news/Linux-6.15.6-Linux-6.12.37-LTS" rel="nofollow noopener" translate="no" target="_blank">https://www.phoronix.com/news/Linux-6.15.6-Linux-6.12.37-LTS</a>Wayback is now hosted on FreeDesktop.org: <a href="https://www.phoronix.com/news/Wayback-FreeDesktop.org" rel="nofollow noopener" translate="no" target="_blank">https://www.phoronix.com/news/Wayback-FreeDesktop.org</a>System76 Adder WS laptop available with Intel Core Ultra i9 and NVIDIA 50 series: <a href="https://9to5linux.com/system76s-adder-ws-linux-laptop-gets-intel-core-ultra-i9-and-nvidia-50-series" rel="nofollow noopener" translate="no" target="_blank">https://9to5linux.com/system76s-adder-ws-linux-laptop-gets-intel-core-ultra-i9-and-nvidia-50-series</a>(FOSS news in comments)<a href="https://social.linux.pizza/tags/WeeklyNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#WeeklyNews</a> <a href="https://social.linux.pizza/tags/News" class="mention hashtag" rel="nofollow noopener" target="_blank">#News</a> <a href="https://social.linux.pizza/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#Linux</a> <a href="https://social.linux.pizza/tags/LinuxNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#LinuxNews</a> <a href="https://social.linux.pizza/tags/Initramfs" class="mention hashtag" rel="nofollow noopener" target="_blank">#Initramfs</a> <a href="https://social.linux.pizza/tags/LinuxKernel" class="mention hashtag" rel="nofollow noopener" target="_blank">#LinuxKernel</a> <a href="https://social.linux.pizza/tags/Wayback" class="mention hashtag" rel="nofollow noopener" target="_blank">#Wayback</a> <a href="https://social.linux.pizza/tags/System76" class="mention hashtag" rel="nofollow noopener" target="_blank">#System76</a> <a href="https://social.linux.pizza/tags/LinuxDesktop" class="mention hashtag" rel="nofollow noopener" target="_blank">#LinuxDesktop</a> <a href="https://social.linux.pizza/tags/DesktopLinux" class="mention hashtag" rel="nofollow noopener" target="_blank">#DesktopLinux</a> <a href="https://social.linux.pizza/tags/LinuxLaptop" class="mention hashtag" rel="nofollow noopener" target="_blank">#LinuxLaptop</a> <a href="https://social.linux.pizza/tags/XWayland" class="mention hashtag" rel="nofollow noopener" target="_blank">#XWayland</a> <a href="https://social.linux.pizza/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#Security</a> <a href="https://social.linux.pizza/tags/Vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#Vulnerability</a> <a href="https://social.linux.pizza/tags/FosseryTech" class="mention hashtag" rel="nofollow noopener" target="_blank">#FosseryTech</a>

JayeLTeeI received an email earlier this week from EA asking if I wanted to be added to a public acknowledgement page they were creating for individuals who responsibly disclosed vulnerabilities to them.For all the shit people give EA, of the 100+ companies I contacted in the last two years, they were the only company I would say had a decent incident response.They fixed the issue within 12 hours after validating it as critical, and proactively provided me multiple updates over time.When the IR was done on their side, they reached out again with some more information about the potential impact if the issue hadn't been solved quickly, and also offered me a reward.I did not have to keep chasing anyone for updates, I wasn't asked for non-disclosure, or offered money in exchange for it, and people replied instead of ignoring me.I wasn't blamed for their mistake, either, or reported to the authorities.Unfortunately, at least one or multiple of the things mentioned above are present in most of my other incidents reported; it's a real shit show out there.<a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#infosec</a> <a href="https://infosec.exchange/tags/responsibledisclosure" class="mention hashtag" rel="nofollow noopener" target="_blank">#responsibledisclosure</a> <a href="https://infosec.exchange/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#vulnerability</a> <a href="https://infosec.exchange/tags/ea" class="mention hashtag" rel="nofollow noopener" target="_blank">#ea</a> <a href="https://infosec.exchange/tags/electronicarts" class="mention hashtag" rel="nofollow noopener" target="_blank">#electronicarts</a>

Pyrzout :vm:McDonald’s AI Hiring Tool McHire Leaked Data of 64 Million Job Seekers <a href="https://hackread.com/mcdonalds-ai-hiring-tool-mchire-leaked-job-seekers-data/" rel="nofollow noopener" translate="no" target="_blank">https://hackread.com/mcdonalds-ai-hiring-tool-mchire-leaked-job-seekers-data/</a> <a href="https://social.skynetcloud.site/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#Cybersecurity</a> <a href="https://social.skynetcloud.site/tags/Vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#Vulnerability</a> <a href="https://social.skynetcloud.site/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#Security</a> <a href="https://social.skynetcloud.site/tags/McDonald" class="mention hashtag" rel="nofollow noopener" target="_blank">#McDonald</a> <a href="https://social.skynetcloud.site/tags/Privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#Privacy</a> <a href="https://social.skynetcloud.site/tags/Paradox" class="mention hashtag" rel="nofollow noopener" target="_blank">#Paradox</a> <a href="https://social.skynetcloud.site/tags/Leaks" class="mention hashtag" rel="nofollow noopener" target="_blank">#Leaks</a> <a href="https://social.skynetcloud.site/tags/IDOR" class="mention hashtag" rel="nofollow noopener" target="_blank">#IDOR</a> <a href="https://social.skynetcloud.site/tags/AI" class="mention hashtag" rel="nofollow noopener" target="_blank">#AI</a>

PrivacyDigestCritical <a href="https://mas.to/tags/CitrixBleed" class="mention hashtag" rel="nofollow noopener" target="_blank">#CitrixBleed</a> 2 <a href="https://mas.to/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#vulnerability</a> has been under active <a href="https://mas.to/tags/exploit" class="mention hashtag" rel="nofollow noopener" target="_blank">#exploit</a> for weeksA critical vulnerability allowing <a href="https://mas.to/tags/hackers" class="mention hashtag" rel="nofollow noopener" target="_blank">#hackers</a> to bypass <a href="https://mas.to/tags/multifactor" class="mention hashtag" rel="nofollow noopener" target="_blank">#multifactor</a> <a href="https://mas.to/tags/authentication" class="mention hashtag" rel="nofollow noopener" target="_blank">#authentication</a> in network management devices made by <a href="https://mas.to/tags/Citrix" class="mention hashtag" rel="nofollow noopener" target="_blank">#Citrix</a> has been actively <a href="https://mas.to/tags/exploited" class="mention hashtag" rel="nofollow noopener" target="_blank">#exploited</a> for more than a month, researchers said. The finding is at odds with advisories from the vendor saying there is no evidence of in-the-wild <a href="https://mas.to/tags/exploitation" class="mention hashtag" rel="nofollow noopener" target="_blank">#exploitation</a>. <a href="https://mas.to/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#security</a> <a href="https://mas.to/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#privacy</a><a href="https://arstechnica.com/security/2025/07/critical-citrixbleed-2-vulnerability-has-been-under-active-exploit-for-weeks/" rel="nofollow noopener" translate="no" target="_blank">https://arstechnica.com/security/2025/07/critical-citrixbleed-2-vulnerability-has-been-under-active-exploit-for-weeks/</a>

Xavier Ashe :donor:This seems Very Bad(tm) "... the downloaded profile can be potentially modified in such a way, so that the operator loses control over the profile (no ability for remote control / no ability to disable / invalidate it, etc.), the operator can be provided with a completely false view of the profile state (the result of its remote management ops in particular) or all of its activity can be subject to monitoring (vide rogue apps mimicking / proxying behavior of real ones)" <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#infosec</a> <a href="https://infosec.exchange/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#vulnerability</a> <a href="https://infosec.exchange/tags/esim" class="mention hashtag" rel="nofollow noopener" target="_blank">#esim</a> <a href="https://infosec.exchange/tags/android" class="mention hashtag" rel="nofollow noopener" target="_blank">#android</a> <a href="https://infosec.exchange/tags/iphone" class="mention hashtag" rel="nofollow noopener" target="_blank">#iphone</a> <a href="https://security-explorations.com/esim-security.html" rel="nofollow noopener" translate="no" target="_blank">https://security-explorations.com/esim-security.html</a>

Offensive Sequence🚨 CVE-2025-34102: CRITICAL RCE in discontinued CryptoLog PHP! Unauthenticated attackers can chain SQLi (login.php) ➡️ command injection (logshares_ajax.php) for shell access. No patch—migrate or isolate now. <a href="https://radar.offseq.com/threat/cve-2025-34102-cwe-89-improper-neutralization-of-s-7d380c2e" rel="nofollow noopener" translate="no" target="_blank">https://radar.offseq.com/threat/cve-2025-34102-cwe-89-improper-neutralization-of-s-7d380c2e</a> <a href="https://infosec.exchange/tags/OffSeq" class="mention hashtag" rel="nofollow noopener" target="_blank">#OffSeq</a> <a href="https://infosec.exchange/tags/Vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#Vulnerability</a> <a href="https://infosec.exchange/tags/RCE" class="mention hashtag" rel="nofollow noopener" target="_blank">#RCE</a> <a href="https://infosec.exchange/tags/PHP" class="mention hashtag" rel="nofollow noopener" target="_blank">#PHP</a> <a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#Infosec</a>

BillI mean, I know all hardware is software and software has bugs and errors occur under the best circumstances but Christ on a motorbike. How does a company fuck up this badly? And they are clearly going after big customers with 10,000 access points. This shit will be the end of us.<a href="https://www.securityweek.com/unpatched-ruckus-vulnerabilities-allow-wireless-environment-hacking/" rel="nofollow noopener" translate="no" target="_blank">https://www.securityweek.com/unpatched-ruckus-vulnerabilities-allow-wireless-environment-hacking/</a><a href="https://infosec.exchange/tags/network" class="mention hashtag" rel="nofollow noopener" target="_blank">#network</a> <a href="https://infosec.exchange/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#vulnerability</a>

RAZ13LFor almost all <a href="https://ciberlandia.pt/tags/android" class="mention hashtag" rel="nofollow noopener" target="_blank">#android</a> users except for <a href="https://ciberlandia.pt/tags/GrapheneOS" class="mention hashtag" rel="nofollow noopener" target="_blank">#GrapheneOS</a> , you need to disable animations on the hidden developer option menu, and wait until <a href="https://ciberlandia.pt/tags/google" class="mention hashtag" rel="nofollow noopener" target="_blank">#google</a> decides to patch this <a href="https://ciberlandia.pt/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#vulnerability</a>, that allows an app to silently access your location/mic/camera, etc and do a lot of nasty things on your device without your consent.Paper : <a href="https://taptrap.click/usenix25_taptrap_paper.pdf" rel="nofollow noopener" translate="no" target="_blank">https://taptrap.click/usenix25_taptrap_paper.pdf</a> Website: <a href="https://taptrap.click/" rel="nofollow noopener" translate="no" target="_blank">https://taptrap.click/</a>

Kyiv Independent Daily HeadlinesWednesday, July 9, 2025 Seeing war through the lens of Putin’s narcissism — ‘Torture was not just cruel, it was inhuman’ — Ukrainian soldier dies weeks after release from Russian captivity — Ukraine sanctions 5 Chinese firms for supplying components used in Russian drones — Russia’s Black Sea Fleet shrinks presence in key Crimean bay — Russia’s crude exports fall to lowest level since February … and more <a href="https://activitypub.writeworks.uk/2025/07/wednesday-july-9-2025/" rel="nofollow noopener" translate="no" target="_blank">https://activitypub.writeworks.uk/2025/07/wednesday-july-9-2025/</a>

erAckBelgium is unsafe for CVD (coordinated vulnerability disclosure) <a href="https://floort.net/posts/belgium-unsafe-for-cvd/" rel="nofollow noopener" translate="no" target="_blank">https://floort.net/posts/belgium-unsafe-for-cvd/</a><a href="https://social.tchncs.de/tags/CVD" class="mention hashtag" rel="nofollow noopener" target="_blank">#CVD</a> <a href="https://social.tchncs.de/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#security</a> <a href="https://social.tchncs.de/tags/coordinated" class="mention hashtag" rel="nofollow noopener" target="_blank">#coordinated</a> <a href="https://social.tchncs.de/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#vulnerability</a> <a href="https://social.tchncs.de/tags/disclosure" class="mention hashtag" rel="nofollow noopener" target="_blank">#disclosure</a> <a href="https://social.tchncs.de/tags/Belgium" class="mention hashtag" rel="nofollow noopener" target="_blank">#Belgium</a>

Recent searches

Search options

Administered by:

Server stats:

#vulnerability