Security
Headlines
HeadlinesLatestCVEs

Tag

#chrome

You Need a Password Manager. Here Are the Best Ones

Keep your logins locked down with our favorite apps for PC, Mac, Android, iPhone, and web browsers.

Wired
Open in Source
#web#ios#android#mac#windows#linux#git#auth#chrome#firefox
Apple Just Patched 37 iPhone Security Bugs

Plus: A Google Chrome patch licks the DevilsTongue spyware, Android’s kernel gets a tune-up, and Microsoft fixes 84 flaws.

You Pay More When Companies Get Hacked

Plus: Google delays the end of cookies (again), EU officials were targeted with Pegasus spyware, and more of the top security news.

North Korean Hackers Using Malicious Browser Extension to Spy on Email Accounts

A threat actor operating with interests aligned with North Korea has been deploying a malicious extension on Chromium-based web browsers that's capable of stealing email content from Gmail and AOL. Cybersecurity firm Volexity attributed the malware to an activity cluster it calls SharpTongue, which is said to share overlaps with an adversarial collective publicly referred to under the name

CVE-2022-34528: Vuls/BOF_in_D-Link DSL-3782.md at main · 1160300418/Vuls

D-Link DSL-3782 v1.03 and below was discovered to contain a stack overflow via the function getAttrValue.

ICYMI: Dark Web Happenings Edition With Evil Corp., MSP Targeting & More

Dark Reading's digest of other "don't-miss" stories of the week — including a Microsoft alert connecting disparate cybercrime activity together, and an explosion of Luca Stealer variants after an unusual Dark Web move.

CVE-2022-2579: vul/Garage Management System(XSS).md at main · ch0ing/vul

A vulnerability, which was classified as problematic, was found in SourceCodester Garage Management System 1.0. Affected is an unknown function of the file /php_action/createUser.php. The manipulation of the argument userName with the input lala<img src="" onerror=alert(1)> leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

CVE-2022-2578: vul/Garage Management System--.md at main · ch0ing/vul

A vulnerability, which was classified as critical, has been found in SourceCodester Garage Management System 1.0. This issue affects some unknown processing of the file /php_action/createUser.php. The manipulation leads to improper access controls. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Google delays Chrome third party cookie sunsetting…again

We take a look at the second delay to Google's intended sunsetting of third party cookies in Chrome, along with the reason why. The post Google delays Chrome third party cookie sunsetting…again appeared first on Malwarebytes Labs.

Google delays Chrome third party cookie sunsetting...again

Categories: Privacy Tags: ads Tags: advertising Tags: adverts Tags: cookies Tags: Google Tags: third party Tags: tracking We take a look at the second delay to Google's intended sunsetting of third party cookies in Chrome, along with the reason why. (Read more...) The post Google delays Chrome third party cookie sunsetting...again appeared first on Malwarebytes Labs.