Security
Headlines
HeadlinesLatestCVEs

Tag

#chrome

CVE-2023-6351: Stable Channel Update for Desktop

Use after free in libavif in Google Chrome prior to 119.0.6045.199 allowed a remote attacker to potentially exploit heap corruption via a crafted avif file. (Chromium security severity: High)

CVE
#google#chrome
Zero-Day Alert: Google Chrome Under Active Attack, Exploiting New Vulnerability

Google has rolled out security updates to fix seven security issues in its Chrome browser, including a zero-day that has come under active exploitation in the wild. Tracked as CVE-2023-6345, the high-severity vulnerability has been described as an integer overflow bug in Skia, an open source 2D graphics library. Benoît Sevens and Clément Lecigne of Google's Threat Analysis Group (TAG) have been

Study Finds Amazon, eBay and Afterpay as Top Android User Data Collectors

By Deeba Ahmed Amazon and eBay have been declared the highest data-collecting platforms among all the Android shopping apps researchers examined. This is a post from HackRead.com Read the original post: Study Finds Amazon, eBay and Afterpay as Top Android User Data Collectors

Google’s Ad Blocker Crackdown Is Growing

Plus: North Korean supply chain attacks, a Russian USB worm spreads internationally, and more.

Tell Me Your Secrets Without Telling Me Your Secrets

The title of this article probably sounds like the caption to a meme. Instead, this is an actual problem GitGuardian's engineers had to solve in implementing the mechanisms for their new HasMySecretLeaked service. They wanted to help developers find out if their secrets (passwords, API keys, private keys, cryptographic certificates, etc.) had found their way into public GitHub repositories. How

Chrome pushes forward with plans to limit ad blockers in the future

Google has set a date for the introduction of Manifest V3 which will hurt the capabilities of many ad blockers.

CVE-2023-43887: Buffer over-read causes segmentation fault in pic_parameter_set::dump · Issue #418 · strukturag/libde265

Libde265 v1.0.12 was discovered to contain multiple buffer overflows via the num_tile_columns and num_tile_row parameters in the function pic_parameter_set::dump.

Malwarebytes consumer product roundup: The latest

Here are the innovations we’ve made in our products recently. Are you making the most of them?

Explained: Privacy washing

Google's recently been accused of "privacy washing", despite claiming its a privacy-focused company. But what is privacy washing?