#chrome

KioWare for Windows through v8.33 was discovered to contain an incomplete blacklist filter for blocked dialog boxes on Windows 10. This issue can allow attackers to open a file dialog box via the function showDirectoryPicker() which can then be used to open an unprivileged command prompt.

By Waqas The online streaming website Soap2day has announced its permanent shutdown, ceasing its entire operation without providing a specific… This is a post from HackRead.com Read the original post: Soap2day Shuts Down Permanently – Free Legal and Paid Alternatives

By Waqas According to researchers, these fake accounts on GitHub and Twitter are spreading malware that infects both Windows- and Linux-based systems. This is a post from HackRead.com Read the original post: Warning: Fake GitHub Repos Delivering Malware as PoCs

Cybersecurity researchers have discovered previously undocumented payloads associated with a Romanian threat actor named Diicot, revealing its potential for launching distributed denial-of-service (DDoS) attacks. "The Diicot name is significant, as it's also the name of the Romanian organized crime and anti-terrorism policing unit," Cado Security said in a technical report. "In addition,

A broken authentication vulnerability in 4D SAS 4D Server software v17, v18, v19 R7, and earlier allows attackers to send crafted TCP packets containing requests to perform arbitrary actions.

Debian Linux Security Advisory 5428-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.

Categories: News Tags: GitHub Tags: malware Tags: repository Tags: security researcher Tags: fake Tags: download Tags: scam Tags: twitter Tags: social We take a look at reports of fake security researchers offering up malware downloads via GitHub repositories. (Read more...) The post Fake security researchers push malware files on GitHub appeared first on Malwarebytes Labs.

projectSend version r1605 suffers from a persistent cross site scripting vulnerability.

A new version of the infamous browser extension is spreading through files on websites offering pirated wares and leverages unique persistence mechanisms.

**Why is this Chrome CVE included in the Security Update Guide?** The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. Please see Security Update Guide Supports CVEs Assigned by Industry Partners for more information. **How can I see the version of the browser?** 1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window 2. Click on **Help and Feedback** 3. Click on **About Microsoft Edge**