Spiral Toys has filed a breach notification with the California Attorney General’s office informing them of the CloudPets data breach.
Browsing Author: Michael Mimoso
The popular NextGEN Gallery WordPress plugin was recently patched to address a “severe” SQL injection vulnerability that put website databases at risk.
Voice messages from children sent through an internet-connected toy called CloudPets were stolen from an exposed MongoDB database, which has been wiped clean and the data held for ransom.
Google’s E2EMail Chrome extension brings OpenPGP encryption to Gmail users.
Cloudflare has fixed an issue where its customer traffic was leaking memory that included sensitive information including authentication cookies, POST data and more.
Existing mitigations and limitations around a newly disclosed Linux kernel vulnerability in the DCCP module mute the potential impact of local attacks.
Newly disclosed FTP injection vulnerabilities in Java and Python that are fueled by rather common XML External Entity (XXE) flaws allow for firewall bypasses.
Sites still vulnerable to a REST API endpoint flaw in WordPress are now being targeted by attackers trying to turn a profit.
New file-sharing protocols and interfaces called Upspin have been released to open source. Built by Google, Upspin returns access control and data security to the user.
A Windows-based botnet is spreading a Mirai variant that is also capable of spreading to Linux systems under certain conditions, Kaspersky Lab researchers said.