Major Security Flaws Expose Keystrokes of Over 1 Billion Chinese Keyboard App Users

April 25, 2024

Security vulnerabilities uncovered in cloud-based pinyin keyboard apps could be exploitedÂ to reveal users’ keystrokes to nefarious actors.
The findings come from the Citizen Lab, which discovered weaknesses in eight of nine apps from vendors like Baidu, Honor, iFlytek, OPPO, Samsung, Tencent, Vivo, and Xiaomi.Â The only vendor whose keyboard appÂ did not have anyÂ security

Source: Read More

Previous ArticleDinesh Kumar Shrimali Takes on Dual Role as CISO and DPO at Tata Steel

Next Article eScan Antivirus Update Mechanism Exploited to Spread Backdoors and Miners

Highlights

CVE-2025-43864 – React Router Cache Poisoning Vulnerability

April 24, 2025

CVE ID : CVE-2025-43864

Published : April 25, 2025, 1:15 a.m. | 1 hour, 45 minutes ago

Description : React Router is a router for React. Starting in version 7.2.0 and prior to version 7.5.2, it is possible to force an application to switch to SPA mode by adding a header to the request. If the application uses SSR and is forced to switch to SPA, this causes an error that completely corrupts the page. If a cache system is in place, this allows the response containing the error to be cached, resulting in a cache poisoning that strongly impacts the availability of the application. This issue has been patched in version 7.5.2.

Severity: 7.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

I test a lot of AI coding tools, and this stunning new OpenAI release just saved me days of work

How to use your Android phone as a webcam when your laptop’s default won’t cut it

The 5 most customizable Linux desktop environments – when you want it your way

Gen AI use at work saps our motivation even as it boosts productivity, new research shows

Strategic Cloud Partner: Key to Business Success, Not Just Tech

Strategic Cloud Partner: Key to Business Success, Not Just Tech

Perficient’s “What If? So What?” Podcast Wins Gold at the 2025 Hermes Creative Awards

PIM for Azure Resources

Windows 11 24H2’s Settings now bundles FAQs section to tell you more about your system

Windows 11 24H2’s Settings now bundles FAQs section to tell you more about your system

You can now share an app/browser window with Copilot Vision to help you with different tasks

Microsoft will gradually retire SharePoint Alerts over the next two years

Major Security Flaws Expose Keystrokes of Over 1 Billion Chinese Keyboard App Users

Georgia Tech and Stanford Researchers Introduce MLE-Dojo: A Gym-Style Framework Designed for Training, Evaluating, and Benchmarking Autonomous Machine Learning Engineering (MLE) Agents

A Step-by-Step Guide to Build an Automated Knowledge Graph Pipeline Using LangGraph and NetworkX

Use a DAO to govern LLM training data, Part 3: From IPFS to the knowledge base

CVE-2025-30663 – Zoom Workplace Apps TOCTOU Race Condition Privilege Escalation Vulnerability

Apple Appeals App Store Ruling in Epic Games Case

SenseNova 5.5 â€“ Chinaâ€™s first real-time LLM beats GPT-4o

CVE-2025-43864 – React Router Cache Poisoning Vulnerability

FBI Investigates Cyberstalking by Richard Roe, Seeks Victims

Valorant has no right being this good on Xbox, it’s like Riot thought of everything

Using LM Studio to Run LLMs Easily, Locally and Privately

Major Security Flaws Expose Keystrokes of Over 1 Billion Chinese Keyboard App Users

Related Posts