Source: Read More (SecurityWeek RSS Feed)
You might be interested in …
[HackerNews] Urgent Chrome Update Released to Patch Actively Exploited Zero-Day Vulnerability
Google on Friday rolled out an emergency security patch to its Chrome web browser to address a security flaw that’s known to have an exploit in the wild. Tracked as CVE-2021-37973, the vulnerability has been described as use after free in Portals API, a web page navigation system that enables a page to show another page as an inset […]
[BleepingComputer] Windows 10 upgrades blocked by old CryptoPro SCP versions
Microsoft has applied a compatibility hold on systems running older versions of CryptoPro CSP, blocking them from being offered or installing Windows 10, version 2004 or later. […] Source: Read More (BleepingComputer)
[BleepingComputer] Microsoft’s Halo dev site breached using dependency hijacking
Microsoft has once again been successfully hit by a dependency hijacking attack. This month, another researcher found an npm internal dependency being used by an open-source project. After publishing a public dependency by the same name, he began receiving messages from Microsoft’s Halo game dev servers. […] Source: Read More (BleepingComputer)