August 22, 2024 at 02:00AM Google has released security fixes for a high-severity vulnerability (CVE-2024-7971) in its Chrome browser, actively exploited in the wild. It’s a type confusion bug in the V8 engine. The flaw was discovered by Microsoft Threat Intelligence Center and Microsoft Security Response Center. Users are urged to update to Chrome version … Read more
May 24, 2024 at 07:09AM Google has released fixes for a high-severity security flaw in its Chrome browser, identified as CVE-2024-5274, which has been exploited in the wild. The vulnerability is related to a type confusion bug in the V8 JavaScript and WebAssembly engine. This marks the fourth zero-day patched by Google this month. Users … Read more
May 14, 2024 at 01:54PM Today’s Microsoft Patch Tuesday includes updates for 61 flaws, with one critical vulnerability fixed in Microsoft SharePoint Server. It addresses 17 elevation of privilege vulnerabilities, two security feature bypass vulnerabilities, 27 remote code execution vulnerabilities, seven information disclosure vulnerabilities, three denial of service vulnerabilities, and four spoofing vulnerabilities. Additionally, three … Read more
April 13, 2024 at 07:43AM Telegram addressed a zero-day vulnerability in its Windows desktop app, allowing the automatic launch of Python scripts. Initially disputed, it was confirmed that a typo in the source code allowed bypassing security warnings when clicking on Python .pyzw files disguised as videos. Telegram fixed the issue with a server-side fix, … Read more
November 30, 2023 at 02:49PM Apple has patched 20 zero-day vulnerabilities in 2023, recently addressing two allowing attackers to exploit iPhones, iPads, and Macs via WebKit. The flaws enabled data access and code execution. Updates were issued for various devices and macOS versions. Google TAG identified the exploits, which historically targeted high-risk individuals. Clear Takeaways … Read more