Web browsers and vulnerabilities

Two major zero-day vulnerabilities were patched to avoid attacks Google has released Chrome 93.0.4577.82 for Windows, Mac, and Linux in the hope to fix eleven security vulnerabilities, two of them being zero-days, exploited in the wild.[1] Company shared the news and said that these exploits are active in the wild. […]

Google Chrome emergency update addresses a total of 11 security ...

Zoom Client for old Windows versions could allow remote code execution  Zoom – a widely used conferencing software developed by Nasdaq could be exploited by hackers due to a security flaw allowing remote code execution. According to the zero-day researchers from ACROS Security[1] who have reported the issue on Thursday, […]

A zero-day vulnerability in Zoom leaves Windows 7 vulnerable to ...

Misconfigured cloud database of several dating apps exposed private conversations and other personal information publicly Researchers from WizCase[1] cybersecurity team have identified five dating app services that are leaking the database of registered users continuously due to the faulty configuration of cloud databases and unprotected ElasticSearch. Million registered users should be […]

5 dating apps in the US and Asia leaked millions ...

IoT devices at risk of getting hacked due to 19 newly discovered vulnerabilities  Researchers reveal new flaws impacting a TCP/IP found at the base of many IoT products.[1] It means that billions of internet-connected devices are at risk and can get hacked. Particular reports[2] call these zero-day vulnerabilities Ripple20 and […]

Ripple20 zero-day vulnerabilities put billions of devices at risk

Web skimmers have been found leaking customers credentials and credit cards on Claire’s and Icing websites Clair’s – an American retailer of accessories, jewelry, toys, and other products aimed at teen and tween girls has been attacked by an infamous hacking group dubbed as MageCart[1]. According to the security researchers […]

MageCart group hacked Claire’s and Icing websites to steal credentials

Messenger version for Windows had a vulnerability that could allow attackers to hijack a call and inject malware Researchers reveal a critical bug in the Facebook Messenger application that allows the long-term persistent malware attacks.[1] Cybersecurity firm Reason Security[2] spotted the serious flaw in the Messenger for Windows version and […]

The flaw in Facebook Messenger App allows running persistent malware

Personal information of nearly 26M members and visitors of CAM4 adult site have been exposed publicly due to unprotected ElasticSearch database An adult-content website CAM4 counting billions of visitors yearly exposed a huge amount of personally identifiable information about its members, Security Detective researchers reported[1] in May 2020. The records have been publicly […]

CAM4 live-streaming adult site exposed 7TB records publicly