Tag
#chrome
Jaspersoft Clarity PPM version 14.3.0.298 was discovered to contain an arbitrary file upload vulnerability via the Profile Picture Upload function.
Use after free in WebAudio in Google Chrome prior to 119.0.6045.123 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
With the release of ThreatDown, let's take a look at Malwarebytes' 15-year legacy and what's next.
By Deeba Ahmed GootBot: New Gootloader Variant Evades Detection with Stealthy Lateral Movement. This is a post from HackRead.com Read the original post: IBM X-Force Discovers Gootloader Malware Variant- GootBot
Okta has concluded that the root cause of its breach was an employee storing company credentials in a private Google account.
UrBackup Server 2.5.31 allows brute-force enumeration of user accounts because a failure message confirms that a username is not valid.
Microsoft Edge (Chromium-based) Information Disclosure Vulnerability
By Waqas Some of the most prominent victims of the data breach include Cloudflare, 1Password, and BeyondTrust. This is a post from HackRead.com Read the original post: Okta Breach Linked to Employee’s Google Account, Affects 134 Customers
By Deeba Ahmed The new feature will add an Independent Security Review badge at the top of the Google Play search results page when users search for VPN apps. This is a post from HackRead.com Read the original post: Google Launches Verification Badges for Security Tested VPN Apps
Rapid7 Velociraptor versions prior to 0.7.0-4 suffer from a reflected cross site scripting vulnerability. This vulnerability allows attackers to inject JS into the error path, potentially leading to unauthorized execution of scripts within a user's web browser. This vulnerability is fixed in version 0.7.0-04 and a patch is available to download. Patches are also available for version 0.6.9 (0.6.9-1).