News

Police Swoop on €645m Cannabis Investment Fraud Gang

April 15, 2024

Read Time:4 Second

Nine arrests and millions of euros seized in bid to bust JuicyFields investment scammers

ZDI-24-365: (Pwn2Own) Microsoft Edge DOMArrayBuffer Use-After-Free Remote Code Execution Vulnerability

April 15, 2024

Read Time:17 Second

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Edge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 5.4. The following CVEs are assigned: CVE-2024-2886.

Advisories

ZDI-24-366: (Pwn2Own) Google Chrome WASM Improper Input Validation Remote Code Execution Vulnerability

April 15, 2024

Read Time:17 Second

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Google Chrome. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 5.4. The following CVEs are assigned: CVE-2024-2887.

Advisories

ZDI-24-367: (Pwn2Own) Google Chrome V8 Enum Cache Out-Of-Bounds Read Remote Code Execution Vulnerability

April 15, 2024

Read Time:17 Second

Advisories

DSA-5660-1 php7.4 – security update

April 15, 2024

Read Time:12 Second

Multiple security issues were found in PHP, a widely-used open source
general purpose scripting language which could result in secure cookie
bypass, XXE attacks or incorrect validation of password hashes.

https://security-tracker.debian.org/tracker/DSA-5660-1

Advisories