Chrome 132 Patches 16 Vulnerabilities
Google has released Chrome 132 with fixes for 16 vulnerabilities, including multiple high-severity security defects.
The post Chrome 132 Patches 16 Vulnerabilities appeared first on SecurityWeek.
Similar Posts
CISA Adds CrushFTP Vulnerability to KEV Catalog Following Confirmed Active Exploitation
Bys sA recently disclosed critical security flaw impacting CrushFTP has been added by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to its Known Exploited Vulnerabilities (KEV) catalog after reports emerged of active exploitation in the wild. The vulnerability is a case of authentication bypass that could permit an unauthenticated attacker to take over susceptible instances….
NL: Suspects report themselves via new reporting form
Bys sThe Dutch police’s new self-reporting form is proving successful. In the first three months since the form’s launch, several suspects have self-reported, including for involvement in violence and bank helpdesk fraud. Dozens more reports were also received, including from people who witnessed a crime or wanted to report damage they had caused. “We’re pleased that……
Severe Security Flaws Patched in Microsoft Dynamics 365 and Power Apps Web API
Details have emerged about three now-patched security vulnerabilities in Dynamics 365 and Power Apps Web API that could result in data exposure. The flaws, discovered by Melbourne-based cybersecurity company Stratus Security, have been addressed as of May 2024. Two of the three shortcomings reside in Power Platform’s OData Web API Filter, while the third vulnerability…
Major Vulnerabilities Patched in SonicWall, Palo Alto Expedition, and Aviatrix Controllers
Bys sPalo Alto Networks has released software patches to address several security flaws in its Expedition migration tool, including a high-severity bug that an authenticated attacker could exploit to access sensitive data. “Multiple vulnerabilities in the Palo Alto Networks Expedition migration tool enable an attacker to read Expedition database contents and arbitrary files, as well as…
Unpatched Gogs Zero-Day Exploited Across 700+ Instances Amid Active Attacks
Bys sA high-severity unpatched security vulnerability in Gogs has come under active exploitation, with more than 700 compromised instances accessible over the internet, according to new findings from Wiz. The flaw, tracked as CVE-2025-8110 (CVSS score: 8.7), is a case of file overwrite in the file update API of the Go-based self-hosted Git service. A fix…
Chinese Hackers Abuse IPv6 SLAAC for AitM Attacks via Spellbinder Lateral Movement Tool
Bys sA China-aligned advanced persistent threat (APT) group called TheWizards has been linked to a lateral movement tool called Spellbinder that can facilitate adversary-in-the-middle (AitM) attacks. “Spellbinder enables adversary-in-the-middle (AitM) attacks, through IPv6 stateless address autoconfiguration (SLAAC) spoofing, to move laterally in the compromised network, intercepting packets and