Thousands of Popular Websites Leaking Secrets
Code security firm Truffle Security warns that thousands of the domains in the Alexa top 1 million websites list are leaking secrets, including credentials. According…
Category: SecurityWeek
Password-Stealing Chrome Extension Demonstrates New Vulnerabilities
A group of academic researchers has built a proof-of-concept Chrome extension that can steal passwords from text input fields and published it to the Chrome…
25 Major Car Brands Get Failing Marks From Mozilla for Security and Privacy
Mozilla has analyzed 25 major car brands and gave all of them failing marks for privacy and security. They collect significant amounts of personal data…
Android Zero-Day Patched With September 2023 Security Updates
Google on Tuesday announced that Android’s September 2023 security updates contain patches for 32 vulnerabilities, including one that has been exploited in attacks. Tracked as…
Hacker Conversations: Alex Ionescu – SecurityWeek
In this edition of Hacker Conversations, SecurityWeek talks to Alex Ionescu, a world-renowned cybersecurity expert who has combined a career as a business executive with…
Chrome 116 Update Patches High-Severity Vulnerabilities
Google on Tuesday announced the release of a Chrome 116 update that patches four high-severity vulnerabilities reported by external researchers. Tracked as CVE-2023-4761, the first…
AtlasVPN to Patch IP Leak Vulnerability After Public Disclosure
AtlasVPN developers are working on a patch for an IP leak vulnerability whose details were made public by a researcher who decided to take the…
United Airlines Says the Outage That Held Up Departing Flights Was Not a Cybersecurity Issue
United Airlines said Tuesday that a software update triggered a glitch that forced it to halt departures nationwide, briefly crippling one of the nation’s biggest…
CISA Hires ‘Mudge’ to Work on Security-by-Design Principles
The U.S. government’s cybersecurity agency CISA on Monday confirmed the addition of Peiter ‘Mudge’ Zatko to its roster of prominent voices preaching the gospel of…
9 Vulnerabilities Patched in SEL Power System Management Products
Nine vulnerabilities, including potentially serious flaws, were patched recently in a couple of electric power management products made by Schweitzer Engineering Laboratories (SEL). SEL is…
MITRE and CISA Release Open Source Tool for OT Attack Emulation
The MITRE Corporation and the US Cybersecurity and Infrastructure Security Agency (CISA) today announced a new extension for the open source Caldera platform that emulates…
7 Million Users Possibly Impacted by Freecycle Data Breach
Freecycle.org, a platform that allows users to recycle their belongings, has prompted millions of users to reset their passwords after their credentials were compromised in…