Hundreds of U.S. news sites push malware in supply-chain attack
The compromised infrastructure of an undisclosed media company is being used by threat actors to deploy the SocGholish JavaScript malware…
Dozens of PyPI packages caught dropping ‘W4SP’ info-stealing malware
Researchers have discovered over two dozen Python packages on the PyPI registry that are pushing info-stealing malware. [...]
The Sky Is Not Falling: Disclosed OpenSSL Bugs Are Serious but Not Critical
Organizations should update to the latest encryption (version 3.0.7) as soon as possible, but there's no need for Heartbleed-like panic,…
Malicious Android apps with 1M+ installs found on Google Play
A set of four malicious applications currently available in Google Play, the official store for the Android system, are directing…
Mozilla Firefox fixes freezes caused by new Windows 11 feature
Mozilla has fixed a known issue causing the Firefox web browser to freeze when copying text on Windows 11 devices…
Urgent: Google Issues Emergency Patch for Chrome Zero-Day
With scant details attached, Google Chrome seeks to shore up yet another exploited zero-day vulnerability.
Google fixes seventh Chrome zero-day exploited in attacks this year
Google has released an emergency security update for the Chrome desktop web browser to address a single vulnerability known to be exploited…
Google Chrome Pays $57K (and Counting) in Bug Bounties for Latest Update
Chrome's Stable Channel 107 rollout includes security fixes from a slew of independent researchers, racking up nearly $60,000 in bounties.
Google Chrome to drop support for Windows 7 / 8.1 in Feb 2023
Google announced today that the Google Chrome web browser will likely drop support for Windows 7 and Windows 8.1 starting February…
Chrome extensions with 1 million installs hijack targets’ browsers
Researchers at Guardio Labs have discovered a new malvertizing campaign pushing Google Chrome and Microsoft Edge extensions that hijack searches…