Security
Headlines
HeadlinesLatestCVEs

Tag

#chrome

Black Basta-Linked Attackers Target Users with SystemBC Malware

An ongoing social engineering campaign with alleged links to the Black Basta ransomware group has been linked to "multiple intrusion attempts" with the goal of conducting credential theft and deploying a malware dropper called SystemBC. "The initial lure being utilized by the threat actors remains the same: an email bomb followed by an attempt to call impacted users and offer a fake solution,"

The Hacker News
#xss#web#mac#windows#google#microsoft#git#intel#auth#chrome#The Hacker News
Microsoft Issues Patches for 90 Flaws, Including 10 Critical Zero-Day Exploits

Microsoft on Tuesday shipped fixes to address a total of 90 security flaws, including 10 zero-days, of which six have come under active exploitation in the wild. Of the 90 bugs, seven are rated Critical, 79 are rated Important, and one is rated Moderate in severity. This is also in addition to 36 vulnerabilities that the tech giant resolved in its Edge browser since last month. The Patch Tuesday

Six 0-Days Lead Microsoft’s August 2024 Patch Push

Microsoft today released updates to fix at least 90 security vulnerabilities in Windows and related software, including a whopping six zero-day flaws that are already being actively exploited by attackers.

Computer Laboratory Management 1.0 SQL Injection

Computer Laboratory Management version 1.0 suffers from a remote authenticated SQL injection vulnerability.

Google Manifest V3 and Malwarebytes Browser Guard

We wanted to update you on some changes that Google’s making, and what we’re doing in Browser Guard to keep you protected.

Researchers Uncover 10 Flaws in Google's File Transfer Tool Quick Share

As many as 10 security flaws have been uncovered in Google's Quick Share data transfer utility for Android and Windows that could be assembled to trigger remote code execution (RCE) chain on systems that have the software installed. "The Quick Share application implements its own specific application-layer communication protocol to support file transfers between nearby, compatible devices,"

New Malware Hits 300,000 Users with Rogue Chrome and Edge Extensions

An ongoing, widespread malware campaign has been observed installing rogue Google Chrome and Microsoft Edge extensions via a trojan distributed via fake websites masquerading as popular software. "The trojan malware contains different deliverables ranging from simple adware extensions that hijack searches to more sophisticated malicious scripts that deliver local extensions to steal private data

'0.0.0.0 Day' Flaw Puts Chrome, Firefox, Mozilla Browsers at RCE Risk

Attackers can use a seemingly innocuous IP address to exploit localhost APIs to conduct a range of malicious activity, including unauthorized access to user data and the delivery of malware.

CVE-2024-7536: Chromium: CVE-2024-7550 Type Confusion in V8

**What is the version information for this release?** Microsoft Edge Channel Microsoft Edge Version Based on Chromium Version Date Released Stable 127.0.2651.98 127.0.6533.99/.100 8/8/2024

CVE-2024-7535: Chromium: CVE-2024-7536 Use after free in WebAudio

**What is the version information for this release?** Microsoft Edge Channel Microsoft Edge Version Based on Chromium Version Date Released Stable 127.0.2651.98 127.0.6533.99/.100 8/8/2024