Written

MALICIOUS CODE IN TORNADO CASH GOVERNANCE PROPOSAL PUTS USER FUNDS AT RISK 📗 Date: 27 Feb, 2024Source: Beeping Computer Malicious JavaScript code hidden in a Tornado Cash governance proposal has been leaking deposit notes and data to a private server for almost two months. This leak compromises the privacy and security of all fund transactions […]

APPLE SHORTCUTS VULNERABILITY EXPOSES SENSITIVE INFORMATION 📗 Date: 23 Feb, 2024Source: Security Week A high-severity vulnerability in the Apple Shortcuts application could allow attackers to access sensitive information without prompting the user. The issue, tracked as CVE-2024-23204 and impacting both iOS and macOS users, could only be triggered with certain actions, but allows attackers to

CRITICAL FLAW FOUND IN DEPRECIATED VMWARE EAP. UNINSTALL IT IMMEDIATELY 📗 Date: 21 Feb, 2024Source: Security Affairs VMware urges customers to uninstall the deprecated Enhanced Authentication Plugin (EAP) after the disclosure of a critical flaw CVE-2024-22245. VMware is urging users to uninstall the deprecated Enhanced Authentication Plugin (EAP) after the discovery of an arbitrary authentication