Security
Headlines
HeadlinesLatestCVEs

Tag

#chrome

Vietnamese Hackers Deploy Python-Based Stealer via Facebook Messenger

A new phishing attack is leveraging Facebook Messenger to propagate messages with malicious attachments from a "swarm of fake and hijacked personal accounts" with the ultimate goal of taking over the targets' accounts. "Originating yet again from a Vietnamese-based group, this campaign uses a tiny compressed file attachment that packs a powerful Python-based stealer dropped in a multi-stage

The Hacker News
Open in Source
#web#git#chrome#The Hacker News
Google Chrome Rolls Out Support for 'Privacy Sandbox' to Bid Farewell to Tracking Cookies

Google has officially begun its rollout of Privacy Sandbox in the Chrome web browser to a majority of its users, nearly four months after it announced the plans. "We believe it is vital to both improve privacy and preserve access to information, whether it's news, a how-to-guide, or a fun video," Anthony Chavez, vice president of Privacy Sandbox initiatives at Google, said. "Without viable

New HijackLoader Modular Malware Loader Making Waves in the Cybercrime World

A new malware loader called HijackLoader is gaining traction among the cybercriminal community to deliver various payloads such as DanaBot, SystemBC, and RedLine Stealer. "Even though HijackLoader does not contain advanced features, it is capable of using a variety of modules for code injection and execution since it uses a modular architecture, a feature that most loaders do not have," Zscaler

Chrome's "Enhanced Ad Privacy": What you need to know

Categories: Personal Tags: google Tags: chrome Tags: website Tags: API Tags: Topics Tags: tracking Tags: ads Tags: adverts Tags: cookies We take a look at a Chrome popup related to Topics API, which you may be seeing in the near future. (Read more...) The post Chrome's "Enhanced Ad Privacy": What you need to know appeared first on Malwarebytes Labs.

Debian Security Advisory 5491-1

Debian Linux Security Advisory 5491-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

CVE-2023-41578: Jeecg-boot <=3.5.3 Arbitrary File Read · Issue #1 · Snakinya/Bugs

Jeecg boot up to v3.5.3 was discovered to contain an arbitrary file read vulnerability via the interface /testConnection.

Drupal 10.1.2 Web Cache Poisoning

Drupal version 10.1.2 appears to suffer from web cache poisoning due to a server-side request forgery vulnerability.

Axigen 10.5.0–4370c946 Cross Site Scripting

Axigen versions 10.5.0–4370c946 and below suffer from a cross site scripting vulnerability.

CVE-2023-41615: Student Management System in PHP | Student Management Project in PHP

Zoo Management System v1.0 was discovered to contain multiple SQL injection vulnerabilities in the Admin sign-in page via the username and password fields.