Lucene search
+L

11 matches found

Krebs on Security
Krebs on Security
added 2024/11/12 9:59 p.m.44 views

Microsoft Patch Tuesday, November 2024 Edition

Microsoft today released updates to plug at least 89 security holes in its Windows operating systems and other software. November's patch batch includes fixes for two zero-day vulnerabilities that are already being exploited by attackers, as well as two other flaws that were publicly disclosed...

9.8CVSS9AI score0.81817EPSS
Exploits2
The Hacker News
The Hacker News
added 2024/08/29 3:59 p.m.53 views

Russian Hackers Exploit Safari and Chrome Flaws in High-Profile Cyberattack

Cybersecurity researchers have flagged multiple in-the-wild exploit campaigns that leveraged now-patched flaws in Apple Safari and Google Chrome browsers to infect mobile users with information-stealing malware. "These campaigns delivered n-day exploits for which patches were available, but would...

9.6CVSS9.5AI score0.29179EPSS
Exploits6
The Hacker News
The Hacker News
added 2023/11/29 4:27 a.m.190 views

Zero-Day Alert: Google Chrome Under Active Attack, Exploiting New Vulnerability

Google has rolled out security updates to fix seven security issues in its Chrome browser, including a zero-day that has come under active exploitation in the wild. Tracked as CVE-2023-6345, the high-severity vulnerability has been described as an integer overflow bug in Skia, an open source 2D...

9.6CVSS9.2AI score0.99735EPSS
Exploits17
FreeBSD
FreeBSD
added 2022/12/02 12:0 a.m.41 views

chromium -- Type confusion in V8

Chrome Releases reports: This release contains 1 security fix: 1394403 High CVE-2022-4262: Type Confusion in V8. Reported by Clement Lecigne of Google's Threat Analysis Group on 2022-11-29 Google is aware that an exploit for CVE-2022-4262 exists in the wild...

8.8CVSS0.6AI score0.16109EPSS
Exploits2References1
The Hacker News
The Hacker News
added 2022/08/17 12:2 p.m.659 views

New Google Chrome Zero-Day Vulnerability Being Exploited in the Wild

Google on Tuesday rolled out patches for Chrome browser for desktops to contain an actively exploited high-severity zero-day flaw in the wild. Tracked as CVE-2022-2856, the issue has been described as a case of insufficient validation of untrusted input in Intents. Security researchers Ashley She...

8.8CVSS1.1AI score0.70461EPSS
Exploits4
The Hacker News
The Hacker News
added 2022/05/06 7:17 a.m.38 views

Experts Uncover New Espionage Attacks by Chinese 'Mustang Panda' Hackers

The China-based threat actor known as Mustang Panda has been observed refining and retooling its tactics and malware to strike entities located in Asia, the European Union, Russia, and the U.S. "Mustang Panda is a highly motivated APT group relying primarily on the use of topical lures and social...

1.4AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2021/04/02 12:0 a.m.73 views

CVE-2021-1879

This issue was addressed by improved management of object lifetimes. This issue is fixed in iOS 12.5.2, iOS 14.4.2 and iPadOS 14.4.2, watchOS 7.3.3. Processing maliciously crafted web content may lead to universal cross site scripting. Apple is aware of a report that this issue may have been...

6.1CVSS6.2AI score0.07082EPSS
In wildExploits0References4
ThreatPost
ThreatPost
added 2021/02/18 5:59 p.m.175 views

Exploit Details Emerge for Unpatched Microsoft Bug

New details have emerged about an unpatched security vulnerability in Microsoft’s Internet Explorer that was recently used in a complex campaign against security researchers. A fresh analysis from 0patch offers further insight into where the bug exists and how it can be triggered in real-world...

8AI score
Exploits0References6
GoogleProjectZero
GoogleProjectZero
added 2021/01/12 12:0 a.m.182 views

Introducing the In-the-Wild Series

This is part 1 of a 6-part series detailing a set of vulnerabilities found by Project Zero being exploited in the wild. To read the other parts of the series, head to the bottom of this post. At Project Zero we often refer to our goal simply as “make 0-day hard”. Members of the team approach this...

8.8CVSS8.8AI score0.78808EPSS
Exploits9
ThreatPost
ThreatPost
added 2020/04/23 2:50 p.m.57 views

A Dozen Nation-Backed APTs Tap COVID-19 to Cover Spy Attacks

Cybercriminals have seized on the novel coronavirus as a theme in their attacks, and it turns out that the most sophisticated players on that scene are no exception. According to Google’s Threat Analysis Group TAG, more than a dozen nation-state-backed APTs are using the COVID-19 pandemic as a...

7.2AI score
Exploits0References11
ThreatPost
ThreatPost
added 2019/03/12 9:52 p.m.137 views

Microsoft Patches Two Win32k Bugs Under Active Attack

Microsoft released patches for two Win32k bugs actively under attack, along with fixes for four additional bugs that are publicly known, as part of its March Patch Tuesday security bulletin. The Win32k bugs are both elevation of privilege vulnerabilities, rated important, and tied to the way...

7.6CVSS8.8AI score0.6285EPSS
Exploits19References18
Rows per page
Query Builder