Tag
#chrome
Plus: North Korean supply chain attacks, a Russian USB worm spreads internationally, and more.
The title of this article probably sounds like the caption to a meme. Instead, this is an actual problem GitGuardian's engineers had to solve in implementing the mechanisms for their new HasMySecretLeaked service. They wanted to help developers find out if their secrets (passwords, API keys, private keys, cryptographic certificates, etc.) had found their way into public GitHub repositories. How
Google has set a date for the introduction of Manifest V3 which will hurt the capabilities of many ad blockers.
Libde265 v1.0.12 was discovered to contain multiple buffer overflows via the num_tile_columns and num_tile_row parameters in the function pic_parameter_set::dump.
Here are the innovations we’ve made in our products recently. Are you making the most of them?
Google's recently been accused of "privacy washing", despite claiming its a privacy-focused company. But what is privacy washing?
Kibana contains an embedded version of the Chromium browser that the Reporting feature uses to generate the downloadable reports. If a user with permissions to generate reports is able to render arbitrary HTML with this browser, they may be able to leverage known Chromium vulnerabilities to conduct further attacks. Kibana contains a number of protections to prevent this browser from rendering arbitrary content.
Compromised websites are being used to redirect to fake browser updates and deliver malware onto Mac users.
Jorani Leave Management System version 1.0.2 suffers from a host header injection vulnerability.
FireBear Improved Import and Export version 3.8.6 for Magento 2.4.6 suffers from an XSLT server-side injection vulnerability that allows for command execution.