Google on Monday released security updates for Chrome web browser to address a total of 11 security issues, two of which it says are actively exploited zero-days in the wild. Tracked as CVE-2021-30632 and CVE-2021-30633, the vulnerabilities concern an out of bounds write in V8 JavaScript engine and a use after free flaw in Indexed DB API respectively, with the internet giant … [Read more...] about Update Google Chrome to Patch 2 New Zero-Day Flaws Under Attack
update
Passwordstate Password Manager Update Hijacked to Install Backdoor on Thousands of PCs
Click Studios, the Australian software company behind the Passwordstate password management application, has notified customers to reset their passwords following a software supply chain attack. The Adelaide-based firm said a bad actor used sophisticated techniques to compromise the software's update mechanism and used it to drop malware on user computers. The breach is said to … [Read more...] about Passwordstate Password Manager Update Hijacked to Install Backdoor on Thousands of PCs
Watch Out! That Android System Update May Contain A Powerful Spyware
Researchers have discovered a new information-stealing trojan, which targets Android devices with an onslaught of data-exfiltration capabilities — from collecting browser searches to recording audio and phone calls. While malware on Android has previously taken the guise of copycat apps, which go under names similar to legitimate pieces of software, this sophisticated new … [Read more...] about Watch Out! That Android System Update May Contain A Powerful Spyware
Apple Issues Urgent Patch Update for Another Zero‑Day Under Attack
Merely weeks after releasing out-of-band patches for iOS, iPadOS, macOS and watchOS, Apple has issued yet another security update for iPhone, iPad, and Apple Watch to fix a critical zero-day weakness that it says is being actively exploited in the wild. Tracked as CVE-2021-1879, the vulnerability relates to a WebKit flaw that could enable adversaries to process maliciously … [Read more...] about Apple Issues Urgent Patch Update for Another Zero‑Day Under Attack
Google Chrome update patches CVE-2021-21193 vulnerability
Google Chrome urgently requires an update to patch a severe vulnerability. You may be tired of updating Chrome (the latest urgent update was just last month), but it’s that time again, and with good reason: Cybercriminals have already exploited this vulnerability. What is CVE-2021-21193? On March 12, Google released stable build 89.0.4389.90 for Chrome, patching five … [Read more...] about Google Chrome update patches CVE-2021-21193 vulnerability
Why you should to update Google Chrome to version 88.0.4324.150 immediately
Researchers have found a critical vulnerability, CVE-2021-21148, in Google Chrome. We recommend addressing it as soon as possible because cybercriminals are already exploiting it. Browser versions for major desktop operating systems (Windows, MacOS, and Linux) are all vulnerable. Here’s what’s going on, and how to update your browser. Why CVE-2021-21148 is dangerous The … [Read more...] about Why you should to update Google Chrome to version 88.0.4324.150 immediately
Why you need to update iOS and iPadOS to version 14.4 immediately
Apple has released a security update to close three zero-day vulnerabilities: CVE-2021-1780, CVE-2021-1781, and CVE-2021-1782. Because Apple believes unnamed cybercriminals are already exploiting those vulnerabilities, the company advises all iOS and iPadOS users to update their operating systems. The vulnerabilities CVE-2021-1780 and CVE-2021-1781 are vulnerabilities in the … [Read more...] about Why you need to update iOS and iPadOS to version 14.4 immediately
WhatsApp Delays Controversial ‘Data-Sharing’ Privacy Policy Update By 3 Months
WhatsApp said on Friday that it wouldn't enforce its recently announced controversial data sharing policy update until May 15. Originally set to go into effect next month on February 8, the three-month delay comes following "a lot of misinformation" about a revision to its privacy policy that allows WhatsApp to share data with Facebook, sparking widespread concerns about the … [Read more...] about WhatsApp Delays Controversial ‘Data-Sharing’ Privacy Policy Update By 3 Months
Update Your iOS Devices Now — 3 Actively Exploited 0-Days Discovered
Apple on Thursday released multiple security updates to patch three zero-day vulnerabilities that were revealed as being actively exploited in the wild. Rolled out as part of its iOS, iPadOS, macOS, and watchOS updates, the flaws reside in the FontParser component and the kernel, allowing adversaries to remotely execute arbitrary code and run malicious programs with … [Read more...] about Update Your iOS Devices Now — 3 Actively Exploited 0-Days Discovered
New Chrome Zero-Day Under Active Attacks – Update Your Browser
Google has patched a second actively exploited zero-day flaw in the Chrome browser in two weeks, along with addressing nine other security vulnerabilities in its latest update. The company released 86.0.4240.183 for Windows, Mac, and Linux, which it said will be rolling out over the coming days/weeks to all users. The zero-day flaw, tracked as CVE-2020-16009, was reported by … [Read more...] about New Chrome Zero-Day Under Active Attacks – Update Your Browser