Security
Headlines
HeadlinesLatestCVEs

Tag

#chrome

CyberRatings.org Announces New Web Browser Test Results for 2022

Three of the world's leading browsers were measured for phishing and malware protection, with time to block and protection over time as key metrics in test scores.

DARKReading
Open in Source
#vulnerability#web#windows#google#microsoft#chrome#firefox
Hackers Using Fake DDoS Protection Pages to Distribute Malware

WordPress sites are being hacked to display fraudulent Cloudflare DDoS protection pages that lead to the delivery of malware such as NetSupport RAT and Raccoon Stealer. "A recent surge in JavaScript injections targeting WordPress sites has resulted in fake DDoS prevent prompts which lead victims to download remote access trojan malware," Sucuri's Ben Martin said in a write-up published last week

ChromeOS vulnerability found by Microsoft

Categories: News Tags: Microsoft Tags: ChromeOS Tags: Chrome Tags: Google Tags: audio Tags: bluetooth Tags: exploit Tags: vulnerability Microsoft has released a report detailing a ChromeOS vulnerability reported to Chrome and fixed within a week. (Read more...) The post ChromeOS vulnerability found by Microsoft appeared first on Malwarebytes Labs.

WordPress Duplicator 1.4.7.2 Backup Disclosure

WordPress Duplicator plugin version 1.4.7.2 suffers from a backup disclosure vulnerability.

XCSSET Malware Updates with Python 3 to Target macOS Monterey Users

The operators of the XCSSET macOS malware have upped the stakes by making iterative improvements that add support for macOS Monterey by upgrading its source code components to Python 3. "The malware authors have changed from hiding the primary executable in a fake Xcode.app in the initial versions in 2020 to a fake Mail.app in 2021 and now to a fake Notes.app in 2022," SentinelOne researchers

CVE-2022-36261: cms-pentest/taocms-arbitrary-file-deletion-vulnerability.md at main · chasingboy/cms-pentest

An arbitrary file deletion vulnerability was discovered in taocms 3.0.2, that allows attacker to delete file in server when request url admin.php?action=file&ctrl=del&path=/../../../test.txt

Microsoft Patch Tuesday August 2022: DogWalk, Exchange EOPs, 13 potentially dangerous, 2 funny, 3 mysterious vulnerabilities

Hello everyone! In this episode, let’s take a look at the Microsoft Patch Tuesday August 2022 vulnerabilities. I use my Vulristics vulnerability prioritization tool as usual. I take comments for vulnerabilities from Tenable, Qualys, Rapid7, ZDI and Kaspersky blog posts. Also, as usual, I take into account the vulnerabilities added between the July and August […]

Fake DDoS Protection Alerts Distribute Dangerous RAT

Security vendor Sucuri says adversaries are injecting malicious JavaScript into numerous WordPress websites that triggers phony bot-related checks.

Gentoo Linux Security Advisory 202208-35

Gentoo Linux Security Advisory 202208-35 - Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Versions less than 104.0.5112.101 are affected.