Security
Headlines
HeadlinesLatestCVEs

Tag

#google

CVE-2023-0590: [PATCH net] net: sched: fix race condition in qdisc_graft()

A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. If patch ebda44da44f6 ("net: sched: fix race condition in qdisc_graft()") not applied yet, then kernel could be affected.

CVE
Open in Source
#ios#google#linux#dos#git#bios#ssh
Fake ChatGPT Extension Hijacks Facebook Accounts

By Deeba Ahmed At the time of reporting this scam to Google, the fake ChatGPT extension had over 7,000 installations. This is a post from HackRead.com Read the original post: Fake ChatGPT Extension Hijacks Facebook Accounts

Bundestag Bungle: Political Microtargeting of Facebook Users Draws Ire

With shades of the Cambridge Analytica scandal, German political parties skirted consumer data privacy regulations during the country's last parliamentary election, a privacy watchdog warns.

Fake ChatGPT Chrome Browser Extension Caught Hijacking Facebook Accounts

Google has stepped in to remove a bogus Chrome browser extension from the official Web Store that masqueraded as OpenAI's ChatGPT service to harvest Facebook session cookies and hijack the accounts. The "ChatGPT For Google" extension, a trojanized version of a legitimate open source browser add-on, attracted over 9,000 installations since March 14, 2023, prior to its removal. It was originally

CVE-2022-47173: WordPress Connect Contact Form 7, WooCommerce To Google Sheets & Other Platforms – Advanced Form Integration plugin <= 1.62.0 - Cross Site Scripting (XSS) - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in nasirahmed Connect Contact Form 7, WooCommerce To Google Sheets & Other Platforms – Advanced Form Integration plugin <= 1.62.0 versions.

New Android Botnet Nexus Being Rented Out on Russian Hacker Forum

By Habiba Rashid Nexus contains a module equipped with encryption capabilities which point towards ransomware. This is a post from HackRead.com Read the original post: New Android Botnet Nexus Being Rented Out on Russian Hacker Forum

WordPress Watu Quiz 3.3.9 / GN Publisher 1.5.5 / Japanized For WooComerce 2.5.4 XSS

WordPress plugins Watu Quiz versions 3.3.9 and below, GN Publisher versions 1.5.5 and below, and Japanized For WooCommerce versions 2.5.4 and below suffer from cross site scripting vulnerabilities.

CVE-2023-23864: WordPress Very Simple Google Maps plugin <= 2.8.4 - Cross Site Scripting (XSS) vulnerability - Patchstack

Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in Michael Aronoff Very Simple Google Maps plugin <= 2.8.4 versions.

Nexus: A New Rising Android Banking Trojan Targeting 450 Financial Apps

An emerging Android banking trojan dubbed Nexus has already been adopted by several threat actors to target 450 financial applications and conduct fraud. "Nexus appears to be in its early stages of development," Italian cybersecurity firm Cleafy said in a report published this week. "Nexus provides all the main features to perform ATO attacks (Account Takeover) against banking portals and