Security
Headlines
HeadlinesLatestCVEs

Tag

#microsoft

CVE-2024-26192: Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

**According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?** This vulnerability could lead to a browser sandbox escape.

Microsoft Security Response Center
Open in Source
#vulnerability#microsoft#chrome#Microsoft Edge (Chromium-based)#Security Vulnerability
CVE-2024-21423: Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

**According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?** Successful exploitation of this vulnerability requires an attacker to win a race condition and also to take additional actions prior to exploitation to prepare the target environment.

CVE-2024-26188: Microsoft Edge (Chromium-based) Spoofing Vulnerability

**According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?** The user would have to click on a specially crafted URL to be compromised by the attacker.

Bluzelle’s Curium App Makes Crypto Earning Effortless

By Uzair Amir Meet Curium by Bluzelle, a new Miner Pool app. This is a post from HackRead.com Read the original post: Bluzelle’s Curium App Makes Crypto Earning Effortless

TinyTurla-NG in-depth tooling and command and control analysis

Cisco Talos, in cooperation with CERT.NGO, has discovered new malicious components used by the Turla APT. New findings from Talos illustrate the inner workings of the command and control (C2) scripts deployed on the compromised WordPress servers utilized in the compromise we previously disclosed.

Apple Approves Fake App Before Real Rabby Wallet, Users’ Funds Stolen

By Waqas Crypto Nightmare! Fake Rabby Wallet App Steals Millions After Apple App Store Fails to Catch It. This is a post from HackRead.com Read the original post: Apple Approves Fake App Before Real Rabby Wallet, Users’ Funds Stolen

Types of SaaS Applications: Categories and Examples

By Uzair Amir Learn about different types of SaaS solutions and the most widely used SaaS categories to create your own… This is a post from HackRead.com Read the original post: Types of SaaS Applications: Categories and Examples

Top Software Development Outsourcing Trends

By Uzair Amir Eastern Europe is swiftly rising to prominence in the software development outsourcing sector. This ascendance is marked not… This is a post from HackRead.com Read the original post: Top Software Development Outsourcing Trends

Ubuntu Security Notice USN-6647-1

Ubuntu Security Notice 6647-1 - It was discovered that a race condition existed in the ATM subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition existed in the Rose X.25 protocol implementation in the Linux kernel, leading to a use-after- free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

ITFlow Cross Site Request Forgery

ITFlow versions prior to commit 432488eca3998c5be6b6b9e8f8ba01f54bc12378 suffer from a cross site request forgery vulnerability.