New Chrome Browser 0-day Under Active Attack—Update Immediately!
Google has patched a zero-day vulnerability in Chrome web browser for desktop that it says is being actively exploited in the wild. The company released 88.0.4324.150 for Windows, Mac, and…
Google Chrome sync feature can be abused for C&C and data exfiltration
A security researcher has found a malicious Chrome extension in the wild abusing the Chrome Sync process. Read more from the Source
Unpatched Vulnerability: 50,000 WP Sites Must Find Alternative for Contact Form 7 Style
On December 9, 2020, the Wordfence Threat Intelligence team discovered a Cross-Site Request Forgery (CSRF) to Stored Cross Site Scripting (XSS) vulnerability in Contact Form 7 Style, a WordPress plugin…
Beware: New Matryosh DDoS Botnet Targeting Android-Based Devices
A nascent malware campaign has been spotted co-opting Android devices into a botnet with the primary purpose of carrying out distributed denial-of-service (DDoS) attacks. Called “Matryosh” by Qihoo 360’s Netlab…