Google fixes third actively exploited Chrome zero-day in a week

May 16, 2024 at 06:55AM Google issued an emergency Chrome security update to address a zero-day vulnerability, the third exploited in a week. The fix, released for Mac, Windows, and Linux, will automatically update Chrome, but users can verify by going to Help>About Google Chrome. The vulnerability, used in attacks, remains unpublicized as Google maintains … Read more

GitHub Launches AI-Powered Autofix Tool to Assist Devs in Patching Security Flaws

March 21, 2024 at 07:42AM GitHub announced the availability of a new feature called code scanning autofix for Advanced Security customers. It leverages CodeQL, Copilot, and OpenAI GPT-4 to provide code suggestions to fix vulnerabilities in JavaScript, Typescript, Java, and Python. The feature aims to assist developers by generating potential fixes and explanations in natural … Read more

Google Warns of Chrome Browser Zero-Day Being Exploited

January 16, 2024 at 04:24PM Google has released an urgent Chrome browser update to address three high-severity security flaws, warning that one is currently being exploited in the wild. The exploited zero-day, CVE-2024-0519, is an out-of-bounds memory access issue in the V8 JavaScript engine. The update also covers two additional high-risk memory safety issues. This … Read more