Security
Headlines
HeadlinesLatestCVEs

Tag

#google

ConnectWise closes XSS vector for remote hijack scams

Researchers also applaud abandonment of customization feature abused by scammers

PortSwigger
Open in Source
#xss#vulnerability#web#google#microsoft#amazon#auth#chrome
Update Chrome Browser Now to Patch New Actively Exploited Zero-Day Flaw

Google on Thursday released software updates to address yet another zero-day flaw in its Chrome web browser. Tracked as CVE-2022-4135, the high-severity vulnerability has been described as a heap buffer overflow in the GPU component. Clement Lecigne of Google's Threat Analysis Group (TAG) has been credited with reporting the flaw on November 22, 2022. Heap-based buffer overflow bugs can be

GHSA-995f-9x5r-2rcj: Heap buffer overflow in GPU

Heap buffer overflow in GPU in Google Chrome prior to 107.0.5304.121 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

How to use Linked Helper 2 as a LinkedIn Data Export Tool

By Owais Sultan One of the best things about LinkedIn is that it allows you to download a CSV file with… This is a post from HackRead.com Read the original post: How to use Linked Helper 2 as a LinkedIn Data Export Tool

CVE-2022-4135: Stable Channel Update for Desktop

Heap buffer overflow in GPU in Google Chrome prior to 107.0.5304.121 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Bahamut Using Fake VPN Apps to Steal Android User Credentials

By Deeba Ahmed Researchers believe that the attack is ongoing, in which hackers are using malicious versions of SoftVPN, SecureVPN, and OpenVPN software. This is a post from HackRead.com Read the original post: Bahamut Using Fake VPN Apps to Steal Android User Credentials

How to Avoid Black Friday Scams Online

'Tis the season for swindlers and hackers. Use these tips to spot frauds and keep your payment info secure.

Millions of Android Devices Still Don't Have Patches for Mali GPU Flaws

A set of five medium-severity security flaws in Arm's Mali GPU driver has continued to remain unpatched on Android devices for months, despite fixes released by the chipmaker. Google Project Zero, which discovered and reported the bugs, said Arm addressed the shortcomings in July and August 2022. "These fixes have not yet made it downstream to affected Android devices (including Pixel, Samsung,

This Android File Manager App Infected Thousands of Devices with Sharkbot Malware

The Android banking fraud malware known as SharkBot has reared its head once again on the official Google Play Store, posing as file managers to bypass the app marketplace's restrictions. A majority of the users who downloaded the rogue apps are located in the U.K. and Italy, Romanian cybersecurity company Bitdefender said in an analysis published this week. SharkBot, first discovered towards