Apple delays plans to search devices for child abuse imagery

After the uproar from users and privacy advocates about Apple’s controversial plans to scan users devices for photos and messages containing child abuse and exploitation media, the company has decided to put the brakes on the plan. If you may recall, Apple announced in early August that it would...

Denial Of Service

chromium is vulnerable to Denial of Service. The vulnerability exists due to a Out of bounds write in Tab Groups in Google Chrome...

Winning the Cyber-Defense Race: Understand the Finish Line

If you ask organizations about their top objectives, you will likely hear they need to increase visibility, reduce toolsets and adopt automation to counteract the cybersecurity skills gap. And what most don’t realize is that these initiatives are driven by hurdles the industry has created for...

Ragnarok Ransomware Gang Bites the Dust, Releases Decryptor

Another cybercriminal gang notorious for ransomware attacks has shut down, publishing its decryptor online to allow victims unlock and recover files. The Ragnarok gang, also known as Asnarok, closed up shop this week, publishing the news to their public website, according to a post published...

DEBIAN-CVE-2021-30592

Out of bounds write in Tab Groups in Google Chrome prior to 92.0.4515.131 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory write via a crafted HTML page...

CVE-2021-30592

Out of bounds write in Tab Groups in Google Chrome prior to 92.0.4515.131 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory write via a crafted HTML page...

UBUNTU-CVE-2021-30592

Out of bounds write in Tab Groups in Google Chrome prior to 92.0.4515.131 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory write via a crafted HTML page...

Design/Logic Flaw

Out of bounds write in Tab Groups in Google Chrome prior to 92.0.4515.131 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory write via a crafted HTML page...

CVE-2021-30592

Out of bounds write in Tab Groups in Google Chrome prior to 92.0.4515.131 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory write via a crafted HTML page...

CVE-2021-30592

CVE-2021-30592 is an out-of-bounds write in the Tab Groups component of the Chromium browser engine, fixed in Chromium 92.0.4515.131+. The initial CVE description notes an out-of-bounds write via a crafted HTML page when a user is convinced to install a malicious extension. Connected advisories f...

CVE-2021-30592

Out of bounds write in Tab Groups in Google Chrome prior to 92.0.4515.131 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory write via a crafted HTML page...

CVE-2021-30592

Out of bounds write in Tab Groups in Google Chrome prior to 92.0.4515.131 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory write via a crafted HTML page...

GitLab has an unspecified vulnerability (CNVD-2022-23496)

GitLab is a self-hosted, Git version control system project repository application developed in Ruby on Rails by GitLab, Inc. The application can be used to access a project's file content, commit history, bug list, etc. A security vulnerability exists in GitLab EE versions prior to 13.12, which...

Advanced Custom Fields < 5.11 - Subscriber+ Arbitrary ACF Data/Field Groups View and Fields Move

Some of the functions did not have proper capability checks in place, allowing low privilege users such as subscribers to view arbitrary ACF data, movie fields, as well as view field groups...

Researchers Warn of 4 Emerging Ransomware Groups That Can Cause Havoc

Cybersecurity researchers on Tuesday took the wraps off four up-and-coming ransomware groups that could pose a serious threat to enterprises and critical infrastructure, as the ripple effect of a recent spurt in ransomware incidents show that attackers are growing more sophisticated and more...

CVE-2021-24561

The WP SMS WordPress plugin before 5.4.13 does not sanitise the "wpgroupname" parameter before outputting it back in the "Groups" page, leading to an Authenticated Stored Cross-Site Scripting issue...

PT-2021-16080 · WordPress · Wp Sms

Name of the Vulnerable Software and Affected Versions: WP SMS WordPress plugin versions prior to 5.4.13 Description: The issue is related to an Authenticated Stored Cross-Site Scripting problem. It occurs because the wp group name parameter is not properly sanitized before being outputted back in...

WordPress plugin WP SMS 跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists in the WordPress...

Apple’s Photo-Scanning Plan Sparks Outcry From Policy Groups

Civil rights activists say creating a system to scan for images of sexual abuse could threaten free speech and actually harm some children...

Researchers Find New Evidence Linking Diavol Ransomware to TrickBot Gang

Cybersecurity researchers have disclosed details about an early development version of a nascent ransomware strain called Diavol that has been linked to threat actors behind the infamous TrickBot syndicate. The latest findings from IBM X-Force show that the ransomware sample shares similarities t...