Security
Headlines
HeadlinesLatestCVEs

Tag

#google

Hotel Booking System 1.0 Shell Upload

Hotel Booking System version 1.0 suffers from a remote shell upload vulnerability.

Packet Storm
#vulnerability#web#windows#google#php#auth#firefox
Giftora 1.0 Cross Site Scripting

Giftora version 1.0 suffers from a cross site scripting vulnerability.

New Banshee Stealer Targets 100+ Browser Extensions on Apple macOS Systems

Cybersecurity researchers have uncovered new stealer malware that's designed to specifically target Apple macOS systems. Dubbed Banshee Stealer, it's offered for sale in the cybercrime underground for a steep price of $3,000 a month and works across both x86_64 and ARM64 architectures.  "Banshee Stealer targets a wide range of browsers, cryptocurrency wallets, and around 100 browser

Google Pixel Devices Shipped with Vulnerable App, Leaving Millions at Risk

A large percentage of Google's own Pixel devices shipped globally since September 2017 included dormant software that could be used to stage nefarious attacks and deliver various kinds of malware. The issue manifests in the form of a pre-installed Android app called "Showcase.apk" that comes with excessive system privileges, including the ability to remotely execute code and install arbitrary

GHSA-q7w8-72mr-vpgw: Policy bypass for Host Firewall policy due to race condition in Cilium agent

### Impact A race condition in the Cilium agent can cause the agent to ignore labels that should be applied to a node. This could in turn cause CiliumClusterwideNetworkPolicies intended for nodes with the ignored label to not apply, leading to policy bypass. ### Patches This issue was fixed in https://github.com/cilium/cilium/pull/33511. This issue affects: - All versions of Cilium before v1.14.14 - Cilium v1.15 between v1.15.0 and v1.15.7 inclusive This issue has been patched in: - Cilium v1.14.14 - Cilium v1.15.8 ### Workarounds As the underlying issue depends on a race condition, users unable to upgrade can restart the Cilium agent on affected nodes until the affected policies are confirmed to be working as expected. ### Acknowledgements The Cilium community has worked together with members of Google and Isovalent to prepare these mitigations. Special thanks to @skmatti for raising and resolving this issue. ### For more information If you have any questions or comments ...

Dozens of Google products targeted by scammers via malicious search ads

In a clever scheme designed to abuse Google in more than one way, scammers are redirecting users to browser locks.

AI, election security headline discussions at Black Hat and DEF CON

Voting Village co-founder Harri Hursti told Politico the list of vulnerabilities ran “multiple pages.”