VS Code Adds 2-Hour Extension Auto-Update Delay to Limit Supply Chain Attacks

Microsoft has announced that Visual Studio Code VS Code will apply a two-hour delay before extensions for the integrated development environment IDE are updated automatically to a newer version in an attempt to tackle software supply chain threats. "When automatic updates are enabled, new version...

Brave Desktop 1.91.168 Security Fixes

Added the ability to disable or delay automatic extension updates when brave://flags/brave-user-extension-auto-update is enabled. Upgraded Chromium to 149.0.7827.54 — refer to Google Chrome advisories for inherited CVEs...

How Manifest v3 forced us to rethink Browser Guard, and why that’s a good thing

As a Browser Guard user, you might not have noticed much difference lately. Browser Guard still blocks scams and phishing attempts just like always, and, in many cases, even better. But behind the scenes, almost everything changed. The rules that govern how browser extensions work went through a...

EUVD-2018-3362

Malware in sbrugna...

SUSE-SU-2023:0844-1 Security update for openstack-cinder, openstack-glance, openstack-neutron-gbp, openstack-nova, python-oslo.utils

This update for openstack-cinder, openstack-glance, openstack-neutron-gbp, openstack-nova, python-oslo.utils contains the following fixes: Security fixes included on this update: openstack-cinder, openstack-glance, openstack-nova: - CVE-2022-47951: Fixed file access control through custom VMDK fl...

SUSE CVE-2010-4582

Opera before 11.00 does not properly handle security policies during updates to extensions, which might allow remote attackers to bypass intended access restrictions via unspecified vectors...

Mozilla Firefox permission permission and access control issue vulnerability (CNVD-2023-05211)

Mozilla Firefox is an open source Web browser from the Mozilla Foundation in the U.S. A permission permission and access control issue vulnerability exists in Mozilla Firefox, which stems from the way Firefox handles extension updates. An attacker could use the vulnerability to trick victims into...

Mozilla Firefox 权限许可和访问控制问题漏洞

Mozilla Firefox is an open source Web browser from the Mozilla Foundation in the U.S. A permission permission and access control issue vulnerability exists in Mozilla Firefox, which stems from the way Firefox handles extension updates. An attacker could use the vulnerability to trick victims into...