The Air Contacts Lite iPhone / iPod application suffers from a denial of service vulnerability.

Whitepaper called Hacking Dispositivos iOS. It demonstrates how dangerous it is to be connected to a wireless network with an iOS device that has OpenSSH enabled. Written in Spanish.

This article explains the technical procedure and challenges involved in extracting data and artifacts from iPhone backups.

A heap memory buffer overflow vulnerability exists within the WebKit's JavaScriptCore JSArray::sort(...) method. The exploit for this vulnerability is javascript code which shows how to use it for memory corruption of internal JS objects (Unit32Array and etc.) and subsequent arbitrary code execution (custom ARM/x64 payloads can be pasted into the JS code). This exploit affects Apple Safari version 6.0.1 for iOS 6.0 and OS X 10.7/8. Earlier versions may also be affected. It was obtained through the Packet Storm Bug Bounty program.

A heap memory buffer overflow vulnerability exists within the WebKit's JavaScriptCore JSArray::sort(...) method. This method accepts the user-defined JavaScript function and calls it from the native code to compare array items. If this compare function reduces array length, then the trailing array items will be written outside the "m_storage->m_vector[]" buffer, which leads to the heap memory corruption. This finding was purchased through the Packet Storm Bug Bounty program.

Visual Voicemail for iPhone suffers from a use-after-free vulnerability in IMAP NAMESPACE processing.

graph_realtime.php in Cacti 1.2.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in a cookie if a guest user has the graph real-time privilege.

This Metasploit module exploits a directory traversal vulnerability (CVE-2015-1830) in Apache ActiveMQ versions 5.x before 5.11.2 for Windows. The module tries to upload a JSP payload to the /admin directory via the traversal path /fileserver/..\admin\ using an HTTP PUT request with the default ActiveMQ credentials admin:admin (or other credentials provided by the user). It then issues an HTTP GET request to /admin/.jsp on the target in order to trigger the payload and obtain a shell.

Singapore has retained its place at the top of fDi's Asia-Pacific Cities of the Future ranking, with Shanghai and Tokyo completing the top three list. 

Research by fDi Intelligence reveals which cities received the most tech start-up FDI relative to their population between 2016 and 2018, with European cities coming out on top.