You Need to Update Windows and Chrome Right Now
June has seen the release of multiple security updates, with important patches issued for the likes of Google’s Chrome and Android as well …
The Chromium super (inline cache) type confusion
In this post I’ll exploit CVE-2022-1134, a type confusion in V8, the JavaScript engine of Chrome that I reported in March 2022, as bug …
Broken Authentication Vuln Threatens Amazon Photos Android App
A high-severity flaw in the Amazon Photos Android App — which has more than 50 million downloads — could allow attackers to steal a …
Revive – An Android Malware Intercepting All SMS To Steal 2FA/OTP
Cybersecurity experts at Cleafy TIR team have recently discovered a new Android banking malware called Revive. It has been discovered that …
Forced Chrome extensions get removed, keep reappearing
In the continued saga of annoying search extensions we have a new end-of-level boss. Victims have been reporting browser extensions that …
New UnRAR Vulnerability Could Let Attackers Hack Zimbra Webmail Servers
A new security vulnerability has been disclosed in RARlab’s UnRAR utility that, if successfully exploited, could permit a remote attacker …
Google Warns of Sophisticated Malware Distributed With The Help of ISPs
In the case of Hermit, it appears to have spread in Italy and Kazahkstan. In some cases, the bad actors were able to infect their targets …
Microsoft WebView2 phishing technique can bypass MFA and steal login cookies
A cybersecurity researcher has developed a new phishing technique that can bypass multi-factor authentication and steal login cookies …
Android Antivirus Apps Are Useless — Here’s What to Do Instead
There are billions of Android devices in the world, and that makes it a target. So, online fraudsters and scammers constantly create …
ISPs Helped Hackers to Infect Smartphones with Hermit Spyware
It was reported by the Google Threat Analysis Group (TAG) that highly sophisticated spyware known as Hermit has been discovered. There are …
Google TAG argues surveillance firm RCS Labs was helped by ISPs to infect mobile users
Google’s Threat Analysis Group (TAG) revealed that the Italian spyware vendor RCS Labs was supported by ISPs to spy on users. Researchers …
Google Details Spyware Targeting Phones in Italy, Kazakhstan
Google has revealed information about a spyware vendor called RCS Labs that, according to the company’s Threat Analysis Group (TAG), has …
Smashing Security podcast #280: Hot tub hijinx, and a sentient AI
Internet-connected jacuzzis find themselves in hot water, and a Google engineer claims that their AI has developed feelings. All this and …
BRATA Android Malware Evolves Into an APT
The BRATA Android banking Trojan is evolving into a persistent threat with a new phishing technique and event-logging …