Feed aggregator
Discovery of Quina technology challenges view of ancient human development
CrushFTP Blames Security Firms for Fast Exploitation of Vulnerability
Shadowserver has started seeing exploitation attempts aimed at a CrushFTP vulnerability tracked as CVE-2025-2825 and CVE-2025-31161.
The post CrushFTP Blames Security Firms for Fast Exploitation of Vulnerability appeared first on SecurityWeek.
Python Polars: The Definitive Guide
Article URL: https://polarsguide.com
Comments URL: https://news.ycombinator.com/item?id=43545384
Points: 1
# Comments: 0
Intimate images from kink and LGBTQ+ dating apps left exposed online
A researcher found millions of pictures from specialized dating apps for iOS stored online without any kind of password protection.
The pictures, some of which are explicit, stem from dating apps that all have a specific audience. The five platforms, all developed by M.A.D. Mobile, are kink sites BDSM People and Chica, and LGBT apps Pink, Brish, and Translove.
As we reported not too long ago, many iOS apps leak at least one hard-coded secret. We consider hard-coded secrets in the source code of the apps as exposed because they are relatively easy for cybercriminals to find and abuse. And those secrets can have serious consequences for the apps’ users.
Cybernews’ Aras Nazarovas found the storage location (a Google Cloud Storage bucket) used by the apps by reverse engineering the code. To his surprise, he could access the unencrypted and otherwise unprotected photos without needing any password.
As soon as he saw the first image, he knew this storage should not have been public. Not only did it contain profile pictures, it also included pictures sent in private messages, including some removed by moderators.
In total, nearly 1.5 million user-uploaded images were available to anyone stumbling over the storage bucket. Although the images are not linked to any user accounts or other private information, it is not unthinkable that cybercriminals could figure out some of the identities by using commonly available face search engines.
Many of these search engines use Artificial Intelligence (AI) for facial recognition combined with reverse image search technology to find other photos of a person published online, based on a picture submitted by the user.
Although officially intended only for self-searches, many of them don’t bother to check whether that’s actually the case.
Coupled with the identity of the person in the picture, these images could expose users to extortion, as well as an increased risk of hostility. As if online dating isn’t nerve-wracking enough, especially for those looking in special categories, the last thing we need is to see our explicit images exposed.
M.A.D. Mobile was warned about the leak in January, but didn’t take any action to protect the storage until the BBC contacted the company on Friday. The issue has now been fixed.
It’s important to stipulate that the apps are exclusive to iOS and do not have Android or web alternatives.
Think I implemented a unique feature in my feed reader
Article URL: https://andregarzia.com/2025/04/think-i-implemented-a-unique-feature-in-my-feed-reader.html
Comments URL: https://news.ycombinator.com/item?id=43545381
Points: 2
# Comments: 0
An e-bike that charges off USB-C
Article URL: https://www.theverge.com/news/639681/usb-c-charging-e-bike-ampler-nova-specs-price
Comments URL: https://news.ycombinator.com/item?id=43545378
Points: 4
# Comments: 0
CERN scientists find evidence of quantum entanglement in sheep
Article URL: https://home.cern/news/news/physics/cern-scientists-find-evidence-quantum-entanglement-sheep
Comments URL: https://news.ycombinator.com/item?id=43545349
Points: 2
# Comments: 1
Arm Introduces New Developer Initiative to Expedite Migration on Cloud Platforms
Was the historical Jesus talking about evolution? (You might be surprised)
Article URL: https://www.lesswrong.com/posts/FuAcX7oAk9qKG6P2x/was-the-historical-jesus-talking-about-evolution-you-might
Comments URL: https://news.ycombinator.com/item?id=43545344
Points: 3
# Comments: 1
HP Pavilion Plus 14 (2025) Review: Affordable OLED Laptop With a Fatal Flaw
I'm Sticking With Netflix and Max in April, and You Probably Should, Too
Best Internet Deals for April 2025
Best Smartwatch for 2025
Why multi-factor authentication is absolutely essential in 2025
Check Point Responds to Hacking Claims
Check Point has responded to a hacker’s claims of sensitive data theft, confirming an incident but saying that it had limited impact.
The post Check Point Responds to Hacking Claims appeared first on SecurityWeek.
Alan Turing Institute Plans Revamp in Face of Criticism and Technological Change
Billy 'The King of Kong' Mitchell Wins $237,000 in Defamation Lawsuit Victory
BitShifters by Hetzner
Article URL: https://www.hetzner.com/bitshift/
Comments URL: https://news.ycombinator.com/item?id=43545141
Points: 1
# Comments: 0