News

SecurityWeek4d
OneDrive Gives Web Apps Full Read Access to All Files
Excessive permissions and ambiguous consent statements may provide web apps uploading files to OneDrive with read access to ...
CSOonline5d
If you use OneDrive to upload files to ChatGPT or Zoom, don’t
A third-party web application ending up with “unintentional” user data ... Even apps like Phenome, a recruitment tool, could unintentionally expose confidential files if users upload resumes ...
TechCrunch6y
Researcher shows how popular app ES File Explorer exposes Android device data
Why is one of the most popular Android apps running a hidden web ... A script, developed by a security researcher to obtain data on the same network as an Android device running ES File Explorer.
Google Apps Script abused to launch dangerous phishing attacks
Use precise geolocation data and actively scan device characteristics for identification. This is done to store and access ...
SecurityWeek2d
Firebase, Google Apps Script Abused in Fresh Phishing Campaigns
Security researchers flag two phishing campaigns abusing Firebase and Google Apps Script to host malware and fake login pages.
Lifehacker11y
Allow Others to Upload Files to Your Google Drive with This Script
you can edit the form.html file in the script to jazz up the presentation to anyone you share the web app with, instead of them seeing the extremely basic upload interface seen above.
ZDNet5y
Academics find 30 file upload vulnerabilities in 23 web apps, CMSes, and forums
When present in real-world web apps, these types of vulnerabilities allow hackers to exploit file upload forms and plant malicious files on a victim's servers. These files could be used to execute ...