Tag
#chrome
Integer overflow in Skia in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Categories: News Tags: domino Tags: loader Tags: backdoor Tags: malware Tags: ransomware Tags: emotet Tags: network Tags: corporate Tags: business Tags: organisation Tags: data Tags: theft Tags: steal Tags: banking Tags: trojan We take a look at a malware collective pushing a set of Domino malware files. (Read more...) The post Malware authors join forces and target organisations with Domino Backdoor appeared first on Malwarebytes Labs.
The data-stealing malware threatens the cyber safety of individual and organizational privacy by infecting a range of Web browsers.
Categories: News Tags: Some tips that can enhance your browser's speed Tags: so you have more time to enjoy the outdoors Some tips that can enhance your browser's speed, so you have more time to enjoy the outdoors. (Read more...) The post Spring cleaning tips for your browser appeared first on Malwarebytes Labs.
Because the security vulnerability is under active exploit, Google isn't releasing full details of the flaw while users could remain vulnerable.
A vulnerability classified as critical has been found in SourceCodester Purchase Order Management System 1.0. Affected is an unknown function of the file /admin/suppliers/view_details.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-226206 is the identifier assigned to this vulnerability.
Debian Linux Security Advisory 5390-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code.
By Waqas QuaDream, based in Ramat Gan, Israel, with around 40 employees, is known for its spyware used for hacking iPhones. This is a post from HackRead.com Read the original post: QuaDream, Israeli iPhone hacking spyware firm, to shut down
go-bbs v1 was discovered to contain an arbitrary file download vulnerability via the component /api/v1/download.
A novel credential-stealing malware called Zaraza bot is being offered for sale on Telegram while also using the popular messaging service as a command-and-control (C2). "Zaraza bot targets a large number of web browsers and is being actively distributed on a Russian Telegram hacker channel popular with threat actors," cybersecurity company Uptycs said in a report published last week. "Once the