Aggregator

Браузер, где всё по-старому — и в этом его сила.

A vulnerability, which was classified as problematic, was found in Mozilla Firefox up to 99. This affects an unknown part of the component Performance API. The manipulation leads to permissive cross-domain policy with untrusted domains. This vulnerability is uniquely identified as CVE-2022-29915. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Mozilla Firefox up to 100 and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to permissive cross-domain policy with untrusted domains. This vulnerability is known as CVE-2022-31736. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Thunderbird up to 91.9. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to permissive cross-domain policy with untrusted domains. This vulnerability is handled as CVE-2022-31736. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Mozilla Firefox up to 102. This vulnerability affects unknown code of the component CSS Handler. The manipulation leads to improper access controls. This vulnerability was named CVE-2022-36319. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Mozilla Firefox up to 102 on Android. This issue affects some unknown processing of the component URL Handler. The manipulation leads to denial of service. The identification of this vulnerability is CVE-2022-36317. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Mozilla Firefox up to 102. Affected is an unknown function of the component chrome URL Handler. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2022-36318. The attack needs to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Firefox up to 102. It has been declared as critical. This vulnerability affects unknown code. The manipulation leads to memory corruption. This vulnerability was named CVE-2022-36320. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Mozilla Thunderbird up to 102. Affected is an unknown function of the component CSS Handler. The manipulation leads to improper access controls. This vulnerability is traded as CVE-2022-36319. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Mozilla Thunderbird up to 102. Affected by this vulnerability is an unknown functionality of the component chrome URL Handler. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2022-36318. Local access is required to approach this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Mozilla Thunderbird up to 102. This affects an unknown part. The manipulation leads to memory corruption. This vulnerability is uniquely identified as CVE-2022-2505. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Firefox up to 103. It has been rated as critical. This issue affects some unknown processing of the component XSLT Error Handler. The manipulation leads to clickjacking. The identification of this vulnerability is CVE-2022-38472. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Thunderbird up to 102.1 and classified as critical. This issue affects some unknown processing of the component XSLT Error Handler. The manipulation leads to clickjacking. The identification of this vulnerability is CVE-2022-38472. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in Inhabit Move CRM 4 Build 260. Affected is an unknown function of the component User Profile Handler. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2022-43271. It is possible to launch the attack remotely. There is no exploit available.

The recent ransomware breach tied to ICICI Bank—claimed by the LockBit group—has raised fresh concerns about the fragility of digital ecosystems and third-party risk. While official confirmations remain limited, leaked files and dark web chatter suggest that attackers accessed systems through a vendor relationship and exfiltrated over 3 TB of sensitive data, including customer records

The post ICICI Bank Ransomware Breach: A Stark Reminder of Supply Chain Risk and the Need for Real-Time Cyber Vigilance appeared first on Seceon Inc.

The post ICICI Bank Ransomware Breach: A Stark Reminder of Supply Chain Risk and the Need for Real-Time Cyber Vigilance appeared first on Security Boulevard.

The cryptocurrency sector has always been a magnet for cybercriminals, but the TraderTraitor campaign marks a different kind of threat—one backed by state-sponsored actors with long-term goals and surgical precision. Allegedly linked to North Korea’s Lazarus Group, this campaign wasn’t just about breaking into wallets. It was about exploiting trust, manipulating human behavior, and moving

The post The TraderTraitor Crypto Heist: Nation-State Tactics Meet Financial Cybercrime appeared first on Seceon Inc.

The post The TraderTraitor Crypto Heist: Nation-State Tactics Meet Financial Cybercrime appeared first on Security Boulevard.

Linux cyber threats are less widespread than Windows ones yet it can make them even more dangerous. Underestimated and under-anticipated, they stab endpoints and networks in the back, bringing operational disruption and financial loss. It’s true that individual desktop users are less targeted by Linux-specific malware, than that tailored for Windows systems. Although they still […]

The post How and Why Threat Hunting Teams Investigate Linux Malware Attacks appeared first on Cyber Security News.

A vulnerability has been found in Adobe Experience Manager and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2024-20768. The attack can be launched remotely. There is no exploit available.