Posts of last 24 hours
A critical flaw in how Dell stores BIOS administrator and user passwords allows full password recovery from a flash dump in milliseconds, with no brute force required. The vulnerability, tracked as CVE-2026-40639 (DSA-2026-197), stems from a broken XOR encryption scheme rather than a proper cryptographic hash. Dell stores BIOS passwords in the DVAR (Dell Variable) […]
The post Dell BIOS Flaw Lets Attackers Recover Admin Passwords From SPI Flash in Milliseconds appeared first on Cyber Security News.
A new security study has found serious privacy and security issues in 281 popular Android VPN applications available on the Google Play Store. Researchers discovered that dozens of these apps transfer data without encryption, leak user traffic outside the VPN tunnel, and send device identifiers to advertising and tracking services. The research team from multiple […]
The post 281 Popular VPN Apps from the Google Play Store Leak Sensitive Data, Transfer Data Unencrypted appeared first on Cyber Security News.