Updated webkit2 packages fix security vulnerabilities

CVE-2025-43457 Processing maliciously crafted web content may lead to an unexpected Safari crash. A use-after-free issue was addressed with improved memory management. CVE-2026-20608 Processing maliciously crafted web content may lead to an unexpected process crash. This issue was addressed throu...

MGASA-2026-0064 Updated webkit2 packages fix security vulnerabilities

CVE-2025-43457 Processing maliciously crafted web content may lead to an unexpected Safari crash. A use-after-free issue was addressed with improved memory management. CVE-2026-20608 Processing maliciously crafted web content may lead to an unexpected process crash. This issue was addressed throu...

EUVD-2026-14871

Spoofing issue in the Privacy: Anti-Tracking component. This vulnerability affects Firefox 149...

CVE-2026-4728

Spoofing issue in the Privacy: Anti-Tracking component. This vulnerability was fixed in Firefox 149 and Thunderbird 149...

CVE-2026-4728

Spoofing issue in the Privacy: Anti-Tracking component. This vulnerability was fixed in Firefox 149 and Thunderbird 149...

UBUNTU-CVE-2026-4728

Spoofing issue in the Privacy: Anti-Tracking component. This vulnerability was fixed in Firefox 149 and Thunderbird 149...

CVE-2026-4728 Spoofing issue in the Privacy: Anti-Tracking component

Spoofing issue in the Privacy: Anti-Tracking component. This vulnerability was fixed in Firefox 149 and Thunderbird 149...

CVE-2026-4728

Spoofing issue in the Privacy: Anti-Tracking component. This vulnerability was fixed in Firefox 149 and Thunderbird 149...

CVE-2026-4728 Spoofing issue in the Privacy: Anti-Tracking component

Spoofing issue in the Privacy: Anti-Tracking component. This vulnerability was fixed in Firefox 149 and Thunderbird 149...

CVE-2026-4728

Spoofing issue in the Privacy: Anti-Tracking component. This vulnerability was fixed in Firefox 149 and Thunderbird 149...

CVE-2026-4728

CVE-2026-4728 : A spoofing issue in the Privacy: Anti-Tracking component is documented for Mozilla Firefox and Mozilla Thunderbird. The connected documents consistently state the vulnerability and that it has been fixed in Firefox 149 and Thunderbird 149 . No additional technical details (root ca...

CVE-2026-4728

Spoofing issue in the Privacy: Anti-Tracking component. This vulnerability was fixed in Firefox 149 and Thunderbird 149...

PT-2026-27426

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 149 Thunderbird versions prior to 149 Description A spoofing issue exists in the Privacy: Anti-Tracking component. Recommendations Update Firefox to version 149 or later. Update Thunderbird to version 149 or later...

KLA90955 Multiple vulnerabilities in Mozilla Thunderbird

Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information, bypass security restrictions, cause denial of service, execute arbitrary code, spoof user interface. Below is a complete list of...

A week in security (March 16 – March 22)

Last week on Malwarebytes Labs: Could your face change what you pay? NYC wants limits on biometric tracking That "job brief" on Google Forms could infect your device A DarkSword hangs over unpatched iPhones Your tax forms sell for $20 on the dark web Researchers found font-rendering trick to hide...

📄 Starlink DNS Rebinding

This Metasploit auxiliary module implements a DNS rebinding attack targeting Starlink infrastructure CVE-2023-52235. The module operates by running a malicious DNS server that dynamically switches responses from a public IP to internal network targets, enabling access to internal services. It als...

Model Context Protocol Threat Modeling and Analyzing Vulnerabilities to Prompt Injection with Tool Poisoning

The Model Context Protocol MCP has rapidly emerged as a universal standard for connecting AI assistants to external tools and data sources. While MCP simplifies integration between AI applications and various services, it introduces significant security vulnerabilities, particularly on the client...

Advisory ROSA-SA-2026-3217

software: runc 1.3.4 OS: ROSA-CHROME unaffected versions = runc-1.3.4-1 affected versions runc-1.3.4-1 CVE-ID: CVE-2024-45310 BDU-ID: 2024-06891 CVE-Crit: LOW CVE-DESC.: A vulnerability in the Runc isolated container tool is associated with a race condition that allows link tracking. Exploitation...

[SECURITY] [DSA 6172-1] webkit2gtk security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6172-1 [email protected] https://www.debian.org/security/ Alberto Garcia March 21, 2026 https://www.debian.org/security/faq -...

Could your face change what you pay? NYC wants limits on biometric tracking

New York City lawmakers are pushing to ban private businesses from using biometric tools like voice and facial recognition software to track the public. While the desire to use surveillance technology in stores to fight shoplifting is understandable, lawmakers and privacy advocates are worried th...