HAProxy Found Vulnerable to Critical HTTP Request Smuggling AttackThe Hacker News
A critical security vulnerability has been disclosed in HAProxy, a widely used open-source load balancer and proxy server, that could be abused by an adversary to possibly smuggle HTTP requests, resulting in unauthorized access to sensitive data and execution of arbitrary...
ProtonMail Shares Activist's IP Address With Authorities Despite Its "No Log" ClaimsThe Hacker News
End-to-end encrypted email service provider ProtonMail has drawn criticism after it ceded to a legal request and shared the IP address of anti-gentrification activists with law enforcement authorities, leading to their arrests in France.
The Switzerland-based company said it received a "legally binding order...
Traffic Exchange Networks Distributing Malware Disguised as Cracked SoftwareThe Hacker News
An ongoing campaign has been found to leverage a network of websites acting as a "dropper as a service" to deliver a bundle of malware payloads to victims looking for "cracked" versions of popular business and consumer applications.
"These malware included...
Critical Auth Bypass Bug Affect NETGEAR Smart Switches — Patch and PoC ReleasedThe Hacker News
Networking, storage and security solutions provider Netgear on Friday issued patches to address three security vulnerabilities affecting its smart switches that could be abused by an adversary to gain full control of a vulnerable device.
The flaws, which were discovered and reported to...
