July 24, 2024 at 08:39AM Google released Chrome 127, addressing 24 vulnerabilities, with memory safety bugs and high-severity flaws the most prevalent. The update includes patches for high and medium-severity vulnerabilities, as well as low-severity issues, awarding over $55,000 in bug bounty rewards. Users are encouraged to update promptly, with specifics on vulnerabilities withheld until … Read more
July 9, 2024 at 01:07AM Unknown threat actors have propagated trojanized versions of jQuery on npm, GitHub, and jsDelivr in a “complex and persistent” supply chain attack. Approximately 68 packages were linked to the campaign, exhibiting high variability and clever hiding techniques. The attacker introduced malicious changes in the “end” function, enabling the exfiltration of … Read more
June 26, 2024 at 01:01AM Google has blocked ads for e-commerce sites using Polyfill.io due to a supply chain attack. The Chinese company Funnull acquired the domain and altered the JavaScript library to redirect users to malicious sites, impacting over 110,000 sites. Concerns have been raised about the security and maintenance of the library, prompting … Read more
June 25, 2024 at 07:58PM The polyfill.io domain, previously used to add JavaScript polyfills to websites, has been found serving malicious code, infecting over 100,000 sites. Security firms warn website owners to remove any embedded code from the domain. Google is blocking affected websites’ ads, and affected site owners are being notified. The domain’s sale … Read more
June 25, 2024 at 02:12PM The Polyfill.io service, used by over 100,000 sites, was compromised in a supply chain attack after being acquired by a Chinese company, leading to injection of malicious code. Cloudflare and Fastly set up mirrors to mitigate the risk, and Google warned advertisers of the issue impacting landing pages and causing … Read more
June 25, 2024 at 07:51AM A new threat actor named Boolka has been targeting websites with malicious scripts to distribute a trojan called BMANAGER. Using SQL injection attacks since 2022, Boolka infects sites with JavaScript capable of capturing user data. The trojan deploys multiple modules to steal sensitive information and establishes persistence on the host. … Read more
June 25, 2024 at 12:03AM Several WordPress plugins have been compromised and backdoored to inject malicious code, allowing creation of rogue administrator accounts and unauthorized actions on affected websites. The injected malware aims to create new admin accounts and inject malicious JavaScript for SEO spam. Users are advised to check for suspicious accounts and malicious … Read more
June 17, 2024 at 03:00AM Legitimate-but-compromised websites are being used to distribute a Windows backdoor called BadSpace via fake browser updates. The attack involves infected websites, a command-and-control server, fake browser updates, and a JScript downloader. This backdoor, capable of anti-sandbox checks and system information harvesting, is being distributed through compromised sites. Key Takeaways from … Read more
June 4, 2024 at 08:13AM Summary: The browser security landscape has evolved, with traditional Browser Isolation now inadequate. A new report recommends a shift to Secure Browser Extensions due to the limitations of Browser Isolation, impact on productivity, and changing web-borne threats. Secure Browser Extensions offer improved performance, visibility, risk analysis, and granular enforcement, with … Read more
May 14, 2024 at 04:11AM Google has released emergency security updates for its Chrome browser, addressing a high-severity zero-day vulnerability exploited in attacks. This comes after fixing another zero-day vulnerability just three days earlier. The latest bug, CVE-2024-4761, affects Chrome’s V8 JavaScript engine and allows out-of-bounds write issues, the sixth zero-day bug fixed in 2024. … Read more