Chrome patches 24 security holes, enables “Sanitizer” safety system
Credit to Author: Paul Ducklin| Date: Wed, 31 Aug 2022 11:48:01 +0000
24 existing bugs fixed. And, we hope, numerous potential future bugs prevented.
Read moreXSS
Serious vulnerabilities found in ITarian software, patches available for SaaS products
Credit to Author: Pieter Arntz| Date: Mon, 13 Jun 2022 12:25:19 +0000
Researchers at DIVD found vulnerabilities in ITarian products and worked with the vendor to develop patches. These patches are now available.
The post Serious vulnerabilities found in ITarian software, patches available for SaaS products appeared first on Malwarebytes Labs.
Read moreGmail-linked Facebook accounts vulnerable to attack using a chain of bugs—now fixed
Credit to Author: Pieter Arntz| Date: Tue, 17 May 2022 19:37:25 +0000
A researcher has combined a chain of bugs into an attack method that makes it possible to take over Facebook accounts linked to Gmail.
The post Gmail-linked Facebook accounts vulnerable to attack using a chain of bugs—now fixed appeared first on Malwarebytes Labs.
Read moreThreat actor steals email with Zimbra zero-day
Credit to Author: Pieter Arntz| Date: Fri, 04 Feb 2022 16:07:15 +0000
 | |
| Researchers have uncovered a targeted phishing campaign exploiting a XSS zero-day vulnerability in the Zimbra email platform. Categories: Exploits and vulnerabilities Tags: EmailThiefTEMP_Hereticxsszero-day |
The post Threat actor steals email with Zimbra zero-day appeared first on Malwarebytes Labs.
Read moreXSS plugin vulnerabilities plague WordPress users
Credit to Author: Danny Bradbury| Date: Tue, 03 Mar 2020 10:44:44 +0000
Thousands of active WordPress plugins have been hit with a swathe of XSS vulnerabilities that could give attackers complete control of the site.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/Bjh4-1ye-9E” height=”1″ width=”1″ alt=””/>
Read moreCookie-nabbing app could have served users side helping of XSS
Credit to Author: Danny Bradbury| Date: Fri, 14 Feb 2020 12:29:39 +0000
A popular GDPR compliance WordPress plugin vendor has patched a flaw that rendered both site visitors and admins vulnerable to XSS attacks.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/uCTRH0KiVPg” height=”1″ width=”1″ alt=””/>
Read moreXSS security hole in Gmail’s dynamic email
Credit to Author: John E Dunn| Date: Wed, 20 Nov 2019 12:08:45 +0000
The bug was fixed at least a month ago so users receiving dynamic email content have one less thing to worry about.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/XM0wx0yUQ-A” height=”1″ width=”1″ alt=””/>
Read moreNo surprises in the top 25 most dangerous software errors
Credit to Author: Danny Bradbury| Date: Thu, 19 Sep 2019 08:58:17 +0000
An in-depth study of reported bugs has produced a list of the top 25 bug categories in software today – with some old familiar names topping the list.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/rJcjSJP7NLU” height=”1″ width=”1″ alt=””/>
Read moreWordPress 5.2.3 fixes new clutch of security vulnerabilities
Credit to Author: John E Dunn| Date: Mon, 09 Sep 2019 10:31:30 +0000
WordPress version 5.2.3 has just appeared on the download pipe featuring half a dozen security fixes and software enhancements.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/j-xSSrxRMDU” height=”1″ width=”1″ alt=””/>
Read more