Google Chrome < 147.0.7727.137 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 147.0.7727.137. It is, therefore, affected by multiple vulnerabilities as referenced in the 202604stable-channel-update-for-desktop28 advisory. - Use after free in Canvas in Google Chrome on Linux, ChromeOS prior to...

A week in security (April 20 &#8211; April 26)

Last week on Malwarebytes Labs: Medical data of 500,000 UK volunteers listed for sale on Alibaba How cyberattacks on companies affect everyone Apple fixes iOS bug that kept deleted notifications, including chat previews Roblox clamps down on chats and age checks as legal pressure builds Malicious...

Apple fixes iOS bug that kept deleted notifications, including chat previews

Apple has released a software update that deals with an issue that could allow deleted notifications to be retrieved. Something that, in at least one reported case, was used by law enforcement during forensic analysis. Apple fixed the issue in iOS and iPadOS versions 18.7.8 and 26.4.2 check...

VulnCheck KEV: CVE-2017-6627

A vulnerability in the UDP processing code of Cisco IOS and IOS XE could allow an unauthenticated, remote attacker to cause the input queue of an affected system to hold UDP packets, causing an interface queue wedge and denial of service...

Exploit for Race Condition in Apple Ipados

CVE-2021-30955 POC Proof of concept wrapped into an iOS app...

Google Hacker Details Zero-Click 'Wormable' Wi-Fi Exploit to Hack iPhones

Google Project Zero white-hat hacker Ian Beer on Tuesday disclosed details of a now-patched critical "wormable" iOS bug that could have made it possible for a remote attacker to gain complete control of any device in the vicinity over Wi-Fi. The exploit makes it possible to "view all the photos,...

Fake iOS Jailbreak Site Lures in Apple Users

Bad actors are taking advantage of a recently-disclosed iOS bug with a fake website claiming to give iPhone users the ability to jailbreak their phones. In reality, researchers warn, the site ultimately enables attackers to conduct click fraud. A jailbreak, a method to escape Apple’s limitations ...

You Can Crash Anyone's iPhone Or iPad With A Simple Emoji Text Message

A newly discovered bug in Apple's iOS mobile operating system is being exploited in a prank that lets anyone crash your iPhone or iPad by just sending an emoji-filled iMessage, according to several reports. YouTube star EverythingApplePro published a video highlighting a sequence of characters th...

Warning — Setting This Date On iPhone Or iPad Will Kill Your Device Permanently

Don’t Try this at Home! An interesting software bug has been discovered in Apple's iOS operating system that could kill your iPhone, iPad or iPod Dead Permanently. Yes, you heard me right. An issue with the date and time system in iOS had emerged recently when Reddit users started warning people...

Researcher Charlie Miller Joins Twitter Security Team

Twitter quietly is assembling a serious security team, with the most recent addition being Charlie Miller, the security researcher known for finding a long line of bugs in the iPhone and other Apple products. Miller, a respected and prolific researcher, will join the social network’s security tea...

New iOS Bug Lets Apps Run Unsigned Code

There is a bug in Apple iOS that enables an attacker to run unsigned code on a user’s device, circumventing the company’s checks on apps in the iTunes App Store. The bug, which researcher Charlie Miller identified, can be exploited by an app to take actions on the device without the user’s...