Eight of nine major Chinese keyboard apps were found to have vulnerabilities that could be leveraged to expose nearly a billion users' keystrokes, The Hacker News reports.
TechCrunch reports that popular phone tracking app iSharing had the exact location details of its more than 35 million users exposed due to vulnerabilities that prevented the app's servers from conducting proper checks of user data access.
Moldovan botnet operator Alexander Lefterov, also known as Alipatime, Alipako, and Uptime, has been indicted by the U.S. Department of Justice for his involvement in widespread attacks against U.S.-based computers, BleepingComputer reports.
SecurityWeek reports that Siemens has confirmed that its Ruggedcom APE1808 devices configured with a Palo Alto Networks virtual next-generation firewall may be impacted by the actively exploited Palo Alto Networks firewall vulnerability, tracked as CVE-2024-3400.
Vulnerable CrushFTP file transfer server software instances impacted by a critical virtual file system escape zero-day have been subjected to ongoing targeted attacks that could enable the download of system files, Security Affairs reports.