New Chrome Zero-Day
According to Microsoft researchers, North Korean hackers have been using a Chrome zero-day exploit to steal cryptocurrency.
Continue reading New Chrome Zero-Day
Category Archives: Chrome
ChromeOS 128 Adds Snap Layouts For Apps, OCR Text Extraction, and Improved Settings
Google’s new ChromeOS 128 update introduces a feature similar to Windows 11’s Snap layouts. Called Snap Groups, the feature enables users to organize on-screen apps in various fullscreen layouts. “When you pair two windows for split-screen display, Chr… Continue reading ChromeOS 128 Adds Snap Layouts For Apps, OCR Text Extraction, and Improved Settings
September 2024 Patch Tuesday forecast: Downgrade is the new exploit
I asked for a calm August 2024 Patch Tuesday in last month’s forecast article and that came to pass. The updates released were limited to the regular operating systems and all forms of Office applications. Six zero-day vulnerabilities were announced, w… Continue reading September 2024 Patch Tuesday forecast: Downgrade is the new exploit
Chrome 128 Updates Patch High-Severity Vulnerabilities
Google has released two Chrome 128 updates to address six high-severity vulnerabilities reported by external researchers.
The post Chrome 128 Updates Patch High-Severity Vulnerabilities appeared first on SecurityWeek.
Continue reading Chrome 128 Updates Patch High-Severity Vulnerabilities
Detecting drive-by-download attack on android
Context: I received a text message about unpaid ticket on the same day I parked at a hospital dropoff zone. The number was from an entirely different province and the url looked very odd. Not a number alphabet soup, but just long winded so… Continue reading Detecting drive-by-download attack on android
Google Now Offering Up to $250,000 for Chrome Vulnerabilities
Google has significantly increased the rewards for Chrome browser vulnerabilities, offering up to $250,000 for remote code execution bugs.
The post Google Now Offering Up to $250,000 for Chrome Vulnerabilities appeared first on SecurityWeek.
Continue reading Google Now Offering Up to $250,000 for Chrome Vulnerabilities
Google Warns of Exploited Chrome Vulnerability
Google flags another high-severity vulnerability patched with the latest Chrome 128 release as exploited in the wild.
The post Google Warns of Exploited Chrome Vulnerability appeared first on SecurityWeek.
Continue reading Google Warns of Exploited Chrome Vulnerability
Reproducing 0.0.0.0 Day
I was reading about 0.0.0.0 local server API access from Browser vulnerability – see 0.0.0.0 Day: Exploiting Localhost APIs From the Browser. Its relatively new and I haven’t updated my browser either. When I try to access http://0.0.0.0:&… Continue reading Reproducing 0.0.0.0 Day
Google Patches Sixth Exploited Chrome Zero-Day of 2024
Chrome 128 was released in the stable channel with patches for 38 vulnerabilities, including a V8 JavaScript engine flaw exploited in the wild.
The post Google Patches Sixth Exploited Chrome Zero-Day of 2024 appeared first on SecurityWeek.
Continue reading Google Patches Sixth Exploited Chrome Zero-Day of 2024
New Chrome zero-day actively exploited, patch quickly! (CVE-2024-7971)
A new Chrome zero-day vulnerability (CVE-2024-7971) exploited by attackers in the wild has been fixed by Google. About CVE-2024-7971 CVE-2024-7971 is a high-severity vulnerability caused by a type confusion weakness in V8, the open-source JavaScript an… Continue reading New Chrome zero-day actively exploited, patch quickly! (CVE-2024-7971)