securityweek.com - LG Innotek LNV5110R security cameras are affected by a vulnerability that can be exploited for unauthenticated remote code execution.
Hundreds of LG security cameras are vulnerable to remote hacking due to a recently discovered flaw and they will not receive a patch.
The cybersecurity agency CISA revealed on Thursday that LG Innotek LNV5110R cameras are affected by an authentication bypass vulnerability that can allow an attacker to gain administrative access to the device.
The flaw, tracked as CVE-2025-7742 and rated high severity, lets an attacker write to the device’s non-volatile storage via an HTTP POST request, which can result in remote code execution with elevated privileges, according to CISA.
LG Innotek has been notified, but said the vulnerability cannot be patched as the product has reached end of life.
Souvik Kandar, the MicroSec researcher credited by CISA for reporting the vulnerability, told SecurityWeek there are roughly 1,300 cameras that are exposed to the internet and which can be remotely hacked.
Weekend attacks compromised about 100 organisations
May hacker contest uncovered SharePoint weak spot
Initial Microsoft patch did not fully fix flaw
LONDON, July 22 (Reuters) - A security patch Microsoft (MSFT.O) released this month failed to fully fix a critical flaw in the U.S. tech giant's SharePoint server software, opening the door to a sweeping global cyber espionage effort, a timeline reviewed by Reuters shows.
On Tuesday, a Microsoft spokesperson confirmed that its initial solution to the flaw, identified at a hacker competition in May, did not work, but added that it released further patches that resolved the issue.
It remains unclear who is behind the spy effort, which targeted about 100 organisations over the weekend, and is expected to spread as other hackers join the fray.
In a blog post, Microsoft said two allegedly Chinese hacking groups, dubbed "Linen Typhoon" and "Violet Typhoon," were exploiting the weaknesses, along with a third, also based in China.
Microsoft and Alphabet's (GOOGL.O) Google have said China-linked hackers were probably behind the first wave of hacks.
Chinese government-linked operatives are regularly implicated in cyberattacks, but Beijing routinely denies such hacking operations.
In an emailed statement, its embassy in Washington said China opposed all forms of cyberattacks, and "smearing others without solid evidence."
The vulnerability opening the way for the attack was first identified in May at a Berlin hacking competition organised by cybersecurity firm Trend Micro (4704.T) that offered cash bounties for finding computer bugs in popular software.
It offered a $100,000 prize for so-called "zero-day" exploits that leverage previously undisclosed digital weaknesses that could be used against SharePoint, Microsoft's flagship document management and collaboration platform.
The U.S. National Nuclear Security Administration, charged with maintaining and designing the nation's cache of nuclear weapons, was among the agencies breached, Bloomberg News said on Tuesday, citing a person with knowledge of the matter.
Google has issued an urgent security update for its Chrome browser, addressing a critical zero-day vulnerability that is being actively exploited by attackers.
The flaw, tracked as CVE-2025-6554, is a type confusion vulnerability in Chrome’s V8 JavaScript engine, which underpins the browser’s ability to process web content across Windows, macOS, and Linux platforms.
The vulnerability was discovered by Clément Lecigne of Google’s Threat Analysis Group (TAG) on June 25, 2025. According to Google, attackers have already developed and deployed exploits targeting this flaw in the wild, prompting the company to act quickly.
On May 29, 2025, SentinelOne experienced a global service disruption affecting multiple customer-facing services. During this period, customer endpoints remained protected, but security teams were unable to access the management console and related services, which significantly impacted their ability to manage their security operations and access important data. We apologize for the disruption caused by this service interruption.
The root cause of the disruption was a software flaw in an infrastructure control system that removed critical network routes, causing widespread loss of network connectivity within the SentinelOne platform. It was not a security-related event. The majority of SentinelOne services experienced full or partial downtime due to this sudden loss of network connectivity to critical components in all regions.
We’d like to assure our commercial customers that their endpoints were protected throughout the duration of the service disruption and that no SentinelOne security data was lost during the event. Protected endpoint systems themselves did not experience downtime due to this incident. A core design principle of the SentinelOne architecture is to ensure protection and prevention capabilities continue uninterrupted without constant cloud connectivity or human dependency for detection and response – even in the case of service interruptions, of any kind, including events like this one.
Oasis Security's research team uncovered a flaw in Microsoft's OneDrive File Picker that allows websites to access a user’s entire OneDrive content, rather than just the specific files selected for upload via OneDrive File Picker. Researchers estimate that hundreds of apps are affected, including ChatGPT, Slack, Trello, and ClickUp, meaning millions of users may have already granted these apps access to their OneDrive. This flaw could have severe consequences, including customer data leakage and violation of compliance regulations.
Upon discovery, Oasis reported the flaw to Microsoft and advised vendors using OneDrive File Picker of the issue. In response, Microsoft is considering future improvements, including more precise alignment between what OneDrive File Picker does and the access it requires.
Below are details of the flaw and mitigation strategies. You can read the Oasis Security Research team’s full report here.
The Flaws
Excessive Permissions in the OneDrive File Picker
The official OneDrive File Picker implementation requests read access to the entire drive – even when uploading just a single file – due to the lack of fine-grained OAuth scopes for OneDrive.
While users are prompted to provide consent before completing an upload, the prompt’s vague and unclear language does not communicate the level of access being granted, leaving users open to unexpected security risks.
The lack of fine-grained scopes makes it impossible for users to distinguish between malicious apps that target all files and legitimate apps that ask for excessive permissions simply because there is no other secure option.
Insecure Storage of Sensitive Secrets
Sensitive secrets used for this access are often stored insecurely by default.
The latest version of OneDrive File Picker (8.0) requires developers to handle authentication themselves, typically with the Microsoft Authentication Library (MSAL) and most likely using the OAuth Authorization Code Flow.
Security risks ensue:
MSAL stores sensitive tokens in the browser’s session storage in plain text, where any script running in the page can read them.
With the Authorization Code Flow a Refresh Token may also be issued, which extends the access period well beyond the lifetime of a single Access Token and provides ongoing access to the user's data.
Notably, OpenAI uses version 8.0.
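To make the two risks above concrete, here is an added example (not code from Oasis, Microsoft, OpenAI or any other vendor named on this page) that walks an MSAL.js-style token cache, decodes the `scp` claim of each cached access token, flags drive-wide scopes, and counts the refresh tokens stored beside them. It assumes the msal-browser cache layout as I understand it (keys containing `-accesstoken-` and `-refreshtoken-`, JSON values with a `secret` field holding the raw token); the scope names in `BROAD_SCOPES`, the helper names (`auditTokenCache`, `summarize`, `makeStorage`), and everything in `SAMPLE_STORAGE` are my own constructed sample data and assumptions. Pointed at `window.sessionStorage` from a browser console on an app that embeds the picker, the same function shows what that app keeps in plain text.

```javascript
// Added example, not Oasis's, Microsoft's or any picker vendor's code.
// Audits an MSAL.js-style browser token cache (cache layout as the author
// understands msal-browser: keys contain "-accesstoken-" / "-refreshtoken-",
// values are JSON with a `secret` field holding the raw token) for
// drive-wide scopes and for refresh tokens stored beside access tokens.
// Everything in SAMPLE_STORAGE is constructed sample data; in a browser
// console you would call auditTokenCache(window.sessionStorage) instead.

// Delegated Graph scopes that reach every file in the drive.
// Assumption: this list reflects what a reviewer treats as "broad".
const BROAD_SCOPES = new Set([
  "Files.Read.All",
  "Files.ReadWrite.All",
  "Sites.Read.All",
  "Sites.ReadWrite.All",
]);

// base64url helpers that work in both browsers and Node (>= 16).
const toB64url = (s) =>
  btoa(s).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
const fromB64url = (s) =>
  atob(s.replace(/-/g, "+").replace(/_/g, "/") + "=".repeat((4 - (s.length % 4)) % 4));

// Build an UNSIGNED JWT-shaped token for the sample cache. Inspection only;
// nothing here verifies signatures, so the claims are never to be trusted.
function makeSampleJwt(payload) {
  const header = { alg: "none", typ: "JWT" };
  return `${toB64url(JSON.stringify(header))}.${toB64url(JSON.stringify(payload))}.`;
}

// Decode a JWT payload without verification (the token is already in our
// hands; we only want to read which scopes it was issued with).
function decodeJwtPayload(token) {
  const parts = String(token).split(".");
  if (parts.length < 2) return null;
  try {
    return JSON.parse(fromB64url(parts[1]));
  } catch {
    return null;
  }
}

// Wrap a plain object so it quacks like the Web Storage API (length/key/getItem).
function makeStorage(entries) {
  const keys = Object.keys(entries);
  return { length: keys.length, key: (i) => keys[i], getItem: (k) => entries[k] };
}

const NOW = Math.floor(Date.now() / 1000);
const SAMPLE_STORAGE = makeStorage({
  // constructed: an access token the picker obtained with drive-wide read scope
  "uid.tid-login.windows.net-accesstoken-clientid-tid-files.read.all user.read":
    JSON.stringify({
      credentialType: "AccessToken",
      secret: makeSampleJwt({
        aud: "https://graph.microsoft.com",
        scp: "Files.Read.All User.Read",
        exp: NOW + 3600,
      }),
      target: "Files.Read.All User.Read",
      expiresOn: String(NOW + 3600),
    }),
  // constructed: the refresh token issued alongside it by the auth code flow
  "uid.tid-login.windows.net-refreshtoken-clientid--": JSON.stringify({
    credentialType: "RefreshToken",
    secret: "constructed-refresh-token-value",
  }),
  // unrelated key that the audit must ignore
  "msal.interaction.status": "none",
});

// Walk the cache and report, per access token, its audience, the scopes it
// carries and which of them are drive-wide; count refresh tokens separately.
function auditTokenCache(storage) {
  const findings = [];
  let refreshTokens = 0;
  for (let i = 0; i < storage.length; i++) {
    const key = storage.key(i);
    if (key.includes("-refreshtoken-")) {
      refreshTokens += 1;
      continue;
    }
    if (!key.includes("-accesstoken-")) continue;
    let entry;
    try {
      entry = JSON.parse(storage.getItem(key));
    } catch {
      continue; // not JSON: not an MSAL credential entry
    }
    const claims = decodeJwtPayload(entry.secret) || {};
    // Prefer the scp claim inside the token; fall back to MSAL's own target field.
    const scopes = String(claims.scp || entry.target || "").split(" ").filter(Boolean);
    findings.push({
      key,
      audience: claims.aud || "unknown",
      scopes,
      broad: scopes.filter((s) => BROAD_SCOPES.has(s)),
      secondsToExpiry: Number(entry.expiresOn || claims.exp || 0) - NOW,
    });
  }
  return { findings, refreshTokens };
}

// Turn the audit into one-line findings a reviewer can paste into a report.
function summarize(audit) {
  const lines = audit.findings.map((f) =>
    `${f.audience}: scopes=[${f.scopes.join(", ")}]` +
    (f.broad.length ? ` DRIVE-WIDE(${f.broad.join(", ")})` : "") +
    ` expires in ${f.secondsToExpiry}s`
  );
  if (audit.refreshTokens > 0) {
    lines.push(`${audit.refreshTokens} refresh token(s) in plain text: access outlives the ~1h access token`);
  }
  return lines;
}

console.log(summarize(auditTokenCache(SAMPLE_STORAGE)).join("\n"));
```

The audit is the check a user or reviewer can run today. On the developer side, msal-browser's `cache.cacheLocation` option accepts `memoryStorage`, which keeps tokens out of web storage entirely (at the cost of re-authenticating on page reload), and an app embedding the picker should request only the scopes it actually needs.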
Mitigation Steps
The lack of fine-grained OAuth scopes combined with Microsoft’s vague user prompt is a dangerous combination that puts both personal and enterprise users at risk. Oasis Security recommends that individuals and technology leaders review the third-party access they’ve granted to their account to mitigate the potential risks raised by these issues.
Check Whether or Not You’ve Previously Granted Access to a Vendor
How-to for Personal Accounts
Log in to your Microsoft Account.
In the left or top pane, click on "Privacy".
Under "App Access", select the list of apps that have access to your account.
Review the list of apps, and for each app, click on “Details” to view the specific scopes and permissions granted.
You can “Stop Sharing” at any time. Note that an Access Token already issued to the app remains valid until it expires, roughly an hour, regardless of when you click Stop Sharing; revoking access does, however, revoke the Refresh Token if one was issued.
Palo Alto Networks has disclosed a high-severity vulnerability impacting PAN-OS software that could cause a denial-of-service (DoS) condition on susceptible devices.
The flaw, tracked as CVE-2024-3393 (CVSS score: 8.7), impacts PAN-OS versions 10.X and 11.X, as well as Prisma Access running PAN-OS versions. It has been addressed in PAN-OS 10.1.14-h8, PAN-OS 10.2.10-h12, PAN-OS 11.1.5, PAN-OS 11.2.3, and all later PAN-OS versions.
Apple's implementation of installing marketplace apps from Safari is heavily flawed and can allow a malicious marketplace to track users across websites