#chrome

The Shop version 2.5 suffers from a remote SQL injection vulnerability.

There exists a use after free/double free in libwebp. An attacker can use the ApplyFiltersAndEncode() function and loop through to free best.bw and assign best = trial pointer. The second loop will then return 0 because of an Out of memory error in VP8 encoder, the pointer is still assigned to trial and the AddressSanitizer will attempt a double free. 

A highly targeted cyber attack against an East Asian IT company involved the deployment of a custom malware written in Golang called RDStealer. "The operation was active for more than a year with the end goal of compromising credentials and data exfiltration," Bitdefender security researcher Victor Vrabie said in a technical report shared with The Hacker News. Evidence gathered by the Romanian

By Waqas Protect your online privacy with trustworthy VPNs. Shield your sensitive data from prying eyes and browse the internet… This is a post from HackRead.com Read the original post: VPN for Privacy: Shielding Your Online Activities from Prying Eyes

A new information-stealing malware called Mystic Stealer has been found to steal data from about 40 different web browsers and over 70 web browser extensions. First advertised on April 25, 2023, for $150 per month, the malware also targets cryptocurrency wallets, Steam, and Telegram, and employs extensive mechanisms to resist analysis. "The code is heavily obfuscated making use of polymorphic

KioWare for Windows through v8.33 was discovered to contain an incomplete blacklist filter for blocked dialog boxes on Windows 10. This issue can allow attackers to open a file dialog box via the function showDirectoryPicker() which can then be used to open an unprivileged command prompt.

By Waqas The online streaming website Soap2day has announced its permanent shutdown, ceasing its entire operation without providing a specific… This is a post from HackRead.com Read the original post: Soap2day Shuts Down Permanently – Free Legal and Paid Alternatives

By Waqas According to researchers, these fake accounts on GitHub and Twitter are spreading malware that infects both Windows- and Linux-based systems. This is a post from HackRead.com Read the original post: Warning: Fake GitHub Repos Delivering Malware as PoCs

Cybersecurity researchers have discovered previously undocumented payloads associated with a Romanian threat actor named Diicot, revealing its potential for launching distributed denial-of-service (DDoS) attacks. "The Diicot name is significant, as it's also the name of the Romanian organized crime and anti-terrorism policing unit," Cado Security said in a technical report. "In addition,

A broken authentication vulnerability in 4D SAS 4D Server software v17, v18, v19 R7, and earlier allows attackers to send crafted TCP packets containing requests to perform arbitrary actions.