Help Net Security newsletters: Latest news, cybersecurity jobs, open source – subscribe here!

Please turn on your JavaScript for this page to function normally.
Google Chrome
New Chrome zero-day actively exploited, patch quickly! (CVE-2024-7971)

A new Chrome zero-day vulnerability (CVE-2024-7971) exploited by attackers in the wild has been fixed by Google. About CVE-2024-7971 CVE-2024-7971 is a high-severity …

Patch Tuesday
Microsoft fixes 6 zero-days under active attack

August 2024 Patch Tuesday is here, and Microsoft has delivered fixes for 90 vulnerabilities, six of which have been exploited in the wild as zero-days, and four are publicly …

Chrome, Edge
Chrome, Edge users beset by malicious extensions that can’t be easily removed

A widespread campaign featuring a malicious installer that saddles users with difficult-to-remove malicious Chrome and Edge browser extensions has been spotted by researchers. …

Google Chrome
Google fixes actively exploited Chrome zero-day (CVE-2024-0519)

In the new stable release of the Chrome browser, Google has fixed three security vulnerabilities affecting the V8 engine, including one zero-day (CVE-2024-0519) with an …

hand
Rilide browser extension steals MFA codes

Cryptocurrency thieves are targeting users of Chromium-based browsers – Google Chrome, Microsoft Edge, Brave Browser, and Opera – with an extension that steals …

Google Chrome
Google Chrome zero-day exploited in the wild (CVE-2022-4262)

Google has patched CVE-2022-4262, a type confusion vulnerability in the V8 JavaScript engine used by Google Chrome (and Chromium), which is being exploited by attackers in the …

browser synchronization abuse
Browser synchronization abuse: Bookmarks as a covert data exfiltration channel

Two universal and seemingly innocuous browser features – the ability to create bookmarks (aka “favorites”) and browser synchronization – make …

IE Edge
Is your organization ready for Internet Explorer retirement?

June 15, 2022, is the day that Microsoft will stop supporting most versions of Internet Explorer 11, and organizations should have ensured that they ready for its retirement. …

Windows
After failed fix, researcher releases exploit for Windows EoP flaw (CVE-2021-41379)

A local elevation of privilege vulnerability (CVE-2021-41379) in the Windows Installer that Microsoft supposedly fixed on November 2021 Patch Tuesday is, according to its …

tracking
Vulnerability in popular browsers could be used to track, profile users online

A vulnerability affecting desktop versions of four popular web browsers could be exploited by advertisers, malicious actors, and other third parties to track and profile users …

malware
Ad-injecting malware hijacks Chrome, Edge, Firefox

When searching for things online, has a greater number of ads than usual been popping up at the top of your search results? If it has, and you’re using Microsoft Edge, …

virtual reality
Using virtualization to isolate risky applications and other endpoint threats

More and more security professionals are realizing that it’s impossible to fully secure a Windows machine – with all its legacy components and millions of potentially …

Don't miss

Cybersecurity news