News

‘Sploitlight’ Vulnerability: How Hackers Bypassed Apple’s TCC Protections
Unpatched Apple devices remain exposed to Sploitlight, a macOS flaw that allows unauthorized access to private user data ...
Microsoft4d
Sploitlight: Analyzing a Spotlight-based macOS TCC vulnerability
Microsoft Threat Intelligence has discovered a macOS vulnerability, tracked as CVE-2025-31199, that could allow attackers to ...
Infosecurity Magazine7dOpinion
A Court Ruling on Bug Bounties Just Made the Internet Less Safe
Congress and the Trump Administration Must Fix a Ruling prohibiting private companies from retroactively authorizing access ...
How A Clash Of Cultures Changed Software Security Forever
Vulnerabilities don’t get fixed because we wish them away. They get fixed because someone insists that they can’t be ignored.
Using Apple's Mac device? Update it to latest macOS now: Check reason here
Reportedly, Microsoft has disclosed a macOS flaw dubbed 'Sploitlight' that could have let attackers access highly sensitive ...
HealthcareInfoSecurity2d
Critical Flaws Found in Dahua Cameras
Critical Flaws Unauthenticated attackers could remotely hijack Dahua Hero C1 smart cameras by exploiting firmware ...
Microsoft Warns of New ‘SploitLight’ Vulnerability in macOS
New SploitLight macOS vulnerability lets attackers use Spotlight plugins to bypass TCC and access sensitive data cached by ...
SecurityWeek5d
Flaw Allowing Website Takeover Found in WordPress Plugin With 400k Installations
The Post SMTP email delivery WordPress plugin is affected by a critical vulnerability and half of websites using it remain ...
New Lenovo UEFI firmware updates fix Secure Boot bypass flaws
Lenovo is warning about high-severity BIOS flaws that could allow attackers to potentially bypass Secure Boot in all-in-one ...
The Hacker News2d
Google Launches DBSC Open Beta in Chrome and Enhances Patch Transparency via Project Zero
Google has announced that it's making a security feature called Device Bound Session Credentials (DBSC) in open beta to ...
Blame a leak for Microsoft SharePoint attacks, researcher insists
"A leak happened here somewhere," Dustin Childs, head of threat awareness at Trend Micro's Zero Day Initiative (ZDI), told ...