Downloading .HTML files through a browser are usually phishing or scam, but researchers have found that sometimes it can be used to steal user files. The researchers found a 17-year-old security vulnerability in Firefox,...
Entering a specific string in iMessage and sending it to someone else can cause some weird things. We have reported many such accidental discoveries in the past, and fortunately, Apple usually completes bug fixes...
Google today released the 2019 July Android security patch, which fixes many of the most important security vulnerabilities recently discovered and other issues found in various Android components. This month’s Android security patch includes...
Earlier this year, a Google researcher discovered a security vulnerability in Secure Encrypted Virtualization (SEV) within AMD’s EPYC processor that allowed an attacker to obtain a security key and access an otherwise isolated virtual...
Recently, security researchers at the Mimecast Threat Center discovered a new vulnerability in the Microsoft Excel spreadsheet application, which has caused 120 million users to be vulnerable to cyber attacks. The researcher points out...
Charles Holmes, a security researcher at Atredis Partners, discovered a new vulnerability in Kubernetes that could allow an attacker to place a malicious container on a user’s workstation. This vulnerability affects Kubernetes’ kubectl command-line...
Recently, researchers from Check Point Research and CyberInt disclosed a vulnerability from the EA Origin service. Origin is a Steam-like digital distribution platform launched by EA. Since it is the only way to get...
Gatekeeper is a security tool on macOS system designed to ensure that only trusted software to run on the Mac. However, this application authentication feature has a security vulnerability that can be used to...
Dell SupportAssist has again a flaw. Software such as Support Assistant is mainly to help users automatically update drivers or contact technical support. Many manufacturers pre-install this type of software. The software itself has...
The 0-day vulnerability that Firefox just fixed was used to attack Coinbase employees. According to Philip Martin, a member of Coinbase security team, the attacker combination exploited two 0day vulnerabilities, one of which was a...
The Debian project team today released a new security update for Intel microcode firmware to fix the recently disclosed Intel MDS (Microarchitecture Data Sampling) vulnerability. On May 14 this year, Intel disclosed four new...
Recently, security experts from IBM X-Force discovered a remote code execution vulnerability (CVE-2019-7406) in the TP-Link Wi-Fi Extender. The vulnerability could be exploited by an unauthenticated remote attacker by triggering a malformed HTTP request, allowing...
Firefox browser has just pushed a new emergency security update to fix the zero-day vulnerability discovered by Google Project Zero. Mozilla has also confirmed that hackers have begun to exploit this vulnerability in the...
Netflix engineers have discovered multiple TCP network vulnerabilities in the Linux and FreeBSD kernels. Vulnerabilities are related to minimum segment size (MSS) and TCP Selective Acknowledgement (SACK) capabilities, the most serious of which is...
Recently, Google disclosed a security vulnerability that has been fixed. This vulnerability is a cross-site scripting attack that can be used to attack Google’s network and impersonate its employees. It is worth noting that...
Microsoft has been convincing old Windows users to install patches as soon as possible to fix a serious RDP vulnerability called “BlueKeep.” After receiving support from the National Security Agency (NSA) earlier this month,...
