#chrome

A roundup of the previous week's most interesting security news and happenings, alongside our own content and research. Categories: A week in security Tags: Australia BlackMatter chrome cryptoeats gamers gummy browsers killware Magnitude npm q-logger revil rickrolls sinclair Slack snapchat tesla winRAR WP Fastest Cache youtube *( Read more... ( https://blog.malwarebytes.com/a-week-in-security/2021/10/a-week-in-security-oct-18-2021-oct-24-2021/ ) )* The post A week in security (Oct 18 – Oct 24) appeared first on Malwarebytes Labs.

Researchers have found that the Magnitude exploit kit is testing a Chrome vulnerability in combination with a Windows vulnerability. Categories: Exploits and vulnerabilities Tags: chrome chromium exploit kit magniber Magnitude puzzlemaker *( Read more... ( https://blog.malwarebytes.com/exploits-and-vulnerabilities/2021/10/magnitude-ek-has-been-spotted-targeting-the-chrome-browser/ ) )* The post Chrome targeted by Magnitude exploit kit appeared first on Malwarebytes Labs.

For the second time this year the REvil ransomware group has disappeared off the grid. Will they come back again? All bets are open. Categories: Ransomware Tags: BlackMatter darkside kasey ransomware revil Tor service *( Read more... ( https://blog.malwarebytes.com/ransomware/2021/10/revil-ransomware-gang-disappears-after-tor-services-hijacked/ ) )* The post [updated]REvil ransomware disappears after Tor services hijacked appeared first on Malwarebytes Labs.

Missing check in DataCommunicator class in com.vaadin:vaadin-server versions 8.0.0 through 8.14.0 (Vaadin 8.0.0 through 8.14.0) allows authenticated network attacker to cause heap exhaustion by requesting too many rows of data.

Use after free in V8 in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Out of bounds write in V8 in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

A stored Cross-Site Scripting vulnerability in the Jira integration in all GitLab versions starting from 13.9 before 14.0.9, all versions starting from 14.1 before 14.1.4, and all versions starting from 14.2 before 14.2.2 allows an attacker to execute arbitrary JavaScript code on the victim's behalf via malicious Jira API responses

A stack-based buffer overflow in the httpd server on Tenda AC9 V15.03.06.60_EN allows remote attackers to execute arbitrary code or cause a denial of service (DoS) via a crafted POST request to /goform/SetStaticRouteCfg.

Read our easy steps to clearing your cache on major web browsers: Chrome, Firefox, Safari, Edge, and Internet Explorer. Categories: How-tos Tags: cache chrome firefox IE Internet Explorer Microsoft Edge safari *( Read more... ( https://blog.malwarebytes.com/101/how-tos/2021/09/how-to-clear-your-cache/ ) )* The post How to clear your cache appeared first on Malwarebytes Labs.

libde265 v1.0.4 contains a heap buffer overflow in the put_epel_hv_fallback function, which can be exploited via a crafted a file.