Security
Headlines
HeadlinesLatestCVEs

Tag

#chrome

CVE-2022-28908: IOT_vuln/TOTOLink/N600R/4 at main · EPhaha/IOT_vuln

TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the ipdoamin parameter in /setting/setDiagnosisCfg.

CVE
Open in Source
#vulnerability#web#windows#apple#chrome#webkit
Experts Detail Saintstealer and Prynt Stealer Info-Stealing Malware Families

Cybersecurity researchers have dissected the inner workings of an information-stealing malware called Saintstealer that's designed to siphon credentials and system information. "After execution, the stealer extracts username, passwords, credit card details, etc.," Cyble researchers said in an analysis last week. "The stealer also steals data from various locations across the system and

CVE-2022-27412: Explore CMS 1.0 SQL Injection ≈ Packet Storm

Explore CMS v1.0 was discovered to contain a SQL injection vulnerability via a /page.php?id= request.

CVE-2022-27412: Explore CMS 1.0 SQL Injection ≈ Packet Storm

Explore CMS v1.0 was discovered to contain a SQL injection vulnerability via a /page.php?id= request.

Chrome content::DisplayCutoutHostImpl::SendSafeAreaToFrame Use-After-Free

A use-after-free issue exists in Chrome 100 and earlier versions. Processing maliciously crafted web content may lead to arbitrary code execution in the browser process.

How to remove Google from your life

Google and all its products can dominate the average person's life. Here's an in-depth guide on how to remove yourself from their ecosystem. The post How to remove Google from your life appeared first on Malwarebytes Labs.

A special browser designed for online banking. Good idea, or not so much?

A specialized banking browser was introduced by a major German bank. While that sounds like a good idea, it looks like they are overestimating what it can do. The post A special browser designed for online banking. Good idea, or not so much? appeared first on Malwarebytes Labs.

Google, Apple, and Microsoft step hand in hand into a passwordless future

Three tech giants used World Password Day to announce their commitment to a passwordless future using FIDO Alliance standards. The post Google, Apple, and Microsoft step hand in hand into a passwordless future appeared first on Malwarebytes Labs.

CVE-2022-30334: [hackerone] Strip referrer and origin in cross-origin requests from a `.onion` origin · Issue #18071 · brave/brave-browser

Brave before 1.34, when a Private Window with Tor Connectivity is used, leaks .onion URLs in Referer and Origin headers. NOTE: although this was fixed by Brave, the Brave documentation still advises "Note that Private Windows with Tor Connectivity in Brave are just regular private windows that use Tor as a proxy. Brave does NOT implement most of the privacy protections from Tor Browser."

CVE-2022-30334: [hackerone] Strip referrer and origin in cross-origin requests from a `.onion` origin · Issue #18071 · brave/brave-browser

Brave before 1.34, when a Private Window with Tor Connectivity is used, leaks .onion URLs in Referer and Origin headers. NOTE: although this was fixed by Brave, the Brave documentation still advises "Note that Private Windows with Tor Connectivity in Brave are just regular private windows that use Tor as a proxy. Brave does NOT implement most of the privacy protections from Tor Browser."