GitHub has released new information on six vulnerabilities that were uncovered by one of its security researchers. The vulnerabilities are in the WebAudio component of Chrome. The vulnerabilities were reported to Google by GitHub Security Lab in February and March. The security researcher identified several Chrome sandbox escape vulnerabilities, and

Apple released Safari 13.1 yesterday, which included new updates to Safari’s Intelligence Tracking Prevention (ITP) privacy feature. The most major shift was that Apple products will now block all third-party cookies while in Safari by default. Apple’s latest move means that online advertisers and analytics firms will not be able

Google recently introduced a seemingly subtle change in the newest version of its Chome web browser, version 80. The feature makes the credentials that users save in Chrome’s password manager more secure, and it has already generated a large impact on the underground criminal enterprise. The Genesis Store has operated

Duo Security released an analysis on Thursday claiming that over 500 malicious Chrome extensions were secretly collecting browser data and redirecting users to websites containing malware. Researchers at Duo Security stated that the extensions have since been removed from Google’s Chrome Web Store, but that they were previously downloaded millions

In the first nine months of this year, the number of ad and scam browser notifications surged by 69%, a new report by Kaspersky shows. If users allow browser notifications for a certain website, these can be sent even when users are not visiting that website. Malicious websites increasingly try

Chinese white-hat hacking competition, the Tianfu Cup, took place over the weekend as hackers used never-before-seen zero days to compromise popular software. The Tianfu Cup aims to identify vulnerabilities through competition between hacking groups and bears many similarities to the international hacking contest Pwn2Own. The Tianfu Cup was created exclusively

“Attackers could craft a campaign that makes use of the device profile in order to exploit any vulnerabilities in a targeted fashion. Google has issued a partial fix for an Android issue dating back to 2015 – after originally rejecting the bug report on the grounds of the mobile OS