CVE-2025-27154: Spotipy Vulnerability Exposes Spotify Auth Tokens
Spotipy, a popular Python library for interacting with the Spotify Web API, recently addressed a security vulnerability that could have exposed users’ authentication tokens. The vulnerability, identified as CVE-2025-27154 and assigned a CVSSv4 score of 8.4, stemmed from the way the library’s CacheHandler class created a cache file to store the Spotify auth token. The cache file, […]
SERBIAN STUDENT ACTIVIST’S PHONE HACKED USING CELLEBRITE ZERO-DAY EXPLOIT
Amnesty International reports that a Cellebrite zero-day exploit was used to unlock a Serbian activist’s Android phone. Amnesty International reported that a Cellebrite zero-day exploit was used to unlock the Android smartphone of a Serbian activist. In a statement published on 25 February 2025, Cellebrite announced that it had blocked Serbia from using its solution after reports that police used […]