Google published urgent security updates for its Chrome browser on Thursday, including a pair of new security flaws that are being exploited in the wild. CVE-2021-37975 and CVE-2021-37976 are two of four fixes that address a use-after-free weakness in the V8 JavaScript and Web Assembly engines, as well as an information leak in the core. While this Chrome update addresses four … Continue reading “Google releases emergency Chrome update to fix two zero-day vulnerabilities”
Author: Diksha Ojha
Apple macOS Finder Remote Code Execution Zero-Day Vulnerability
A zero-day security flaw in Apple’s macOS Finder system has been detected. This vulnerability allows remote attackers to fool users into running arbitrary commands. Zero-day vulnerabilities are defects that have been publicly published but have not yet been patched by the vendor. These vulnerabilities are sometimes actively exploited by attackers or have publicly available proof-of-concept exploits. … Continue reading “Apple macOS Finder Remote Code Execution Zero-Day Vulnerability”
Apple Arbitrary Code Injection Vulnerability (CVE-2021-30869)
Apple provided security fixes to address a zero-day vulnerability on Thursday. The attackers have used it in the wild to break into iPhones and Macs running older versions of iOS and macOS. Apple has also provided patches for a previously patched security flaw exploited by NSO Group’s Pegasus surveillance tool to target iPhone users. CVE-2021-30869 is a zero-day vulnerability. This is a type-confusion hole in Apple’s … Continue reading “Apple Arbitrary Code Injection Vulnerability (CVE-2021-30869)”
