Security
Headlines
HeadlinesLatestCVEs

Tag

#chrome

CVE-2024-43489: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

**According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?** The user would have to click on a specially crafted URL to be compromised by the attacker.

Microsoft Security Response Center
Open in Source
#vulnerability#microsoft#rce#chrome#Microsoft Edge (Chromium-based)#Security Vulnerability
Everything you need to know about VPN tracking

A VPN (Virtual Private Network) adds privacy and security to your browsing. But does this make your internet…

Packed With Features, 'SambaSpy' RAT Delivers Hefty Punch

Thought to be Brazilian in origin, the remote access Trojan is the "perfect tool for a 21st-century James Bond."

Infostealers: An Early Warning for Ransomware Attacks

Can cyber defenders use the presence of infostealers as a canary in the coal mine to preempt ransomware attacks?

Chrome Introduces One-Time Permissions and Enhanced Safety Check for Safer Browsing

Google has announced that it's rolling out a new set of features to its Chrome browser that gives users more control over their data when surfing the internet and protects against online threats. "With the newest version of Chrome, you can take advantage of our upgraded Safety Check, opt out of unwanted website notifications more easily and grant select permissions to a site for one time only,"

Google Chrome Switches to ML-KEM for Post-Quantum Cryptography Defense

Google has announced that it will be switching from KYBER to ML-KEM in its Chrome web browser as part of its ongoing efforts to defend against the risk posed by cryptographically relevant quantum computers (CRQCs). "Chrome will offer a key share prediction for hybrid ML-KEM (codepoint 0x11EC)," David Adrian, David Benjamin, Bob Beck, and Devon O'Brien of the Chrome Team said. "The

RansomHub Ransomware Gang Leaks 487GB of Alleged Kawasaki Europe Data

RansomHub ransomware group leaks alleged 487 GB of sensitive data stolen from Kawasaki Motors Europe (KME), following a…

GHSA-xgq9-7gw6-jr5r: Mattermost Desktop App fails to sufficiently configure Electron Fuses

Mattermost Desktop App versions <=5.8.0 fail to sufficiently configure Electron Fuses which allows an attacker to gather Chromium cookies or abuse other misconfigurations via remote/local access.

New Android Malware Ajina.Banker Steals 2FA Codes, Spreads via Telegram

A new Android malware called Trojan Ajina.Banker is targeting Central Asia – Discover how this malicious malware disguises…

TrickMo Android Trojan Exploits Accessibility Services for On-Device Banking Fraud

Cybersecurity researchers have uncovered a new variant of an Android banking trojan called TrickMo that comes packed with new capabilities to evade analysis and display fake login screens to capture victims' banking credentials. "The mechanisms include using malformed ZIP files in combination with JSONPacker," Cleafy security researchers Michele Roviello and Alessandro Strino said. "In addition,