[HackerNews] Google Releases Urgent Chrome Update to Patch 2 Actively Exploited 0-Day Bugs

Google on Thursday rolled out an emergency update for its Chrome web browser, including fixes for two zero-day vulnerabilities that it says are being actively exploited in the wild.
Tracked as CVE-2021-38000 and CVE-2021-38003, the weaknesses relate to insufficient validation of untrusted input in a feature called Intents as well as a case of inappropriate implementation in V8 JavaScript and

Source: Read More (The Hacker News)

You might be interested in …

Daily NCSC-FI news followup 2021-04-11

Clubhouse data leak: 1.3 million user records leaked online for free cybernews.com/security/clubhouse-data-leak-1-3-million-user-records-leaked-for-free-online/ So far, it seems like its been the worst week of the year for social media platforms in terms of data leaks, with Clubhouse seemingly joining the fray. Sudden New Warning Will Surprise Millions Of WhatsApp Users www.forbes.com/sites/zakdoffman/2021/04/10/shock-new-warning-for-millions-of-whatsapp-users-on-apple-iphone-and-google-android-phones/ A nasty new surprise for […]

Read More

[SecurityWeek] Report: Accellion Failed to Notify Customers of FTA Zero-Day

All posts, Security Week

Accellion failed to notify customers of a zero-day vulnerability in its file transfer application (FTA) and related cyber-attacks targeting the security flaw, according to a new report from professional services firm  KPMG. read more Source: Read More (SecurityWeek RSS Feed)

Read More

[HackerNews] New BrakTooth Flaws Leave Millions of Bluetooth-enabled Devices Vulnerable

All posts, HackerNews

A set of new security vulnerabilities has been disclosed in commercial Bluetooth stacks that could enable an adversary to execute arbitrary code and, worse, crash the devices via denial-of-service (DoS) attacks.  Collectively dubbed “BrakTooth” (referring to the Norwegian word “Brak” which translates to “crash”), the 16 security weaknesses span across 13 Bluetooth chipsets from 11 […]

Read More