Tag
#chrome
Plus: A Google Chrome patch licks the DevilsTongue spyware, Android’s kernel gets a tune-up, and Microsoft fixes 84 flaws.
Plus: Google delays the end of cookies (again), EU officials were targeted with Pegasus spyware, and more of the top security news.
A threat actor operating with interests aligned with North Korea has been deploying a malicious extension on Chromium-based web browsers that's capable of stealing email content from Gmail and AOL. Cybersecurity firm Volexity attributed the malware to an activity cluster it calls SharpTongue, which is said to share overlaps with an adversarial collective publicly referred to under the name
D-Link DSL-3782 v1.03 and below was discovered to contain a stack overflow via the function getAttrValue.
Dark Reading's digest of other "don't-miss" stories of the week — including a Microsoft alert connecting disparate cybercrime activity together, and an explosion of Luca Stealer variants after an unusual Dark Web move.
A vulnerability, which was classified as problematic, was found in SourceCodester Garage Management System 1.0. Affected is an unknown function of the file /php_action/createUser.php. The manipulation of the argument userName with the input lala<img src="" onerror=alert(1)> leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
A vulnerability, which was classified as critical, has been found in SourceCodester Garage Management System 1.0. This issue affects some unknown processing of the file /php_action/createUser.php. The manipulation leads to improper access controls. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
We take a look at the second delay to Google's intended sunsetting of third party cookies in Chrome, along with the reason why. The post Google delays Chrome third party cookie sunsetting…again appeared first on Malwarebytes Labs.
Categories: Privacy Tags: ads Tags: advertising Tags: adverts Tags: cookies Tags: Google Tags: third party Tags: tracking We take a look at the second delay to Google's intended sunsetting of third party cookies in Chrome, along with the reason why. (Read more...) The post Google delays Chrome third party cookie sunsetting...again appeared first on Malwarebytes Labs.
Incorrect signature trust exists within Google Play services SDK play-services-basement. A debug version of Google Play services is trusted by the SDK for devices that are non-GMS. We recommend upgrading the SDK past the 2022-05-03 release.