Security
Headlines
HeadlinesLatestCVEs

Tag

#chrome

Google’s Ad Blocker Crackdown Is Growing

Plus: North Korean supply chain attacks, a Russian USB worm spreads internationally, and more.

Wired
#web#google#microsoft#git#intel#botnet#chrome#firefox
Tell Me Your Secrets Without Telling Me Your Secrets

The title of this article probably sounds like the caption to a meme. Instead, this is an actual problem GitGuardian's engineers had to solve in implementing the mechanisms for their new HasMySecretLeaked service. They wanted to help developers find out if their secrets (passwords, API keys, private keys, cryptographic certificates, etc.) had found their way into public GitHub repositories. How

Chrome pushes forward with plans to limit ad blockers in the future

Google has set a date for the introduction of Manifest V3 which will hurt the capabilities of many ad blockers.

CVE-2023-43887: Buffer over-read causes segmentation fault in pic_parameter_set::dump · Issue #418 · strukturag/libde265

Libde265 v1.0.12 was discovered to contain multiple buffer overflows via the num_tile_columns and num_tile_row parameters in the function pic_parameter_set::dump.

Malwarebytes consumer product roundup: The latest

Here are the innovations we’ve made in our products recently. Are you making the most of them?

Explained: Privacy washing

Google's recently been accused of "privacy washing", despite claiming its a privacy-focused company. But what is privacy washing?

CVE-2021-22142: Elastic Stack 7.13.0 and 6.8.16 Security Update

Kibana contains an embedded version of the Chromium browser that the Reporting feature uses to generate the downloadable reports. If a user with permissions to generate reports is able to render arbitrary HTML with this browser, they may be able to leverage known Chromium vulnerabilities to conduct further attacks. Kibana contains a number of protections to prevent this browser from rendering arbitrary content.

Atomic Stealer distributed to Mac users via fake browser updates

Compromised websites are being used to redirect to fake browser updates and deliver malware onto Mac users.

Jorani Leave Management System 1.0.2 Host Header Injection

Jorani Leave Management System version 1.0.2 suffers from a host header injection vulnerability.

FireBear Improved Import And Export 3.8.6 XSLT Server Side Injection

FireBear Improved Import and Export version 3.8.6 for Magento 2.4.6 suffers from an XSLT server-side injection vulnerability that allows for command execution.