arbitrary code execution browser hacking browser security Firefox hacking news HTML JavaScript javascript exploit javascript injection Security Web developer

Firefox Blocks Inline and Eval JavaScript on Internal Pages to Prevent Injection Attacks

In an effort to mitigate a large class of potential cross-site scripting issues in Firefox, Mozilla has blocked execution of all inline scripts and potentially dangerous eval-like functions for built-in “about: pages” that are the gateway to sensitive preferences, settings, and statics of the browser. Firefox browser has 45 such internal locally-hosted about pages, some […]

Apple macOS hacking news iTerm2 macos apps Mozilla remote code execution Security

7-Year-Old Critical RCE Flaw Found in Popular iTerm2 macOS Terminal App

A 7-year-old critical remote code execution vulnerability has been discovered in iTerm2 macOS terminal emulator app—one of the most popular open source replacements for Mac’s built-in terminal app. Tracked as CVE-2019-9535, the vulnerability in iTerm2 was discovered as part of an independent security audit funded by the Mozilla Open Source Support Program (MOSS) and conducted […]

Cyber Security forum software hacking forum hacking news remote code execution Security SQL injection attack VBulletin vBulletin Forum Vulnerability

vBulletin Releases Patch Update for New RCE and SQLi Vulnerabilities

After releasing a patch for a critical zero-day remote code execution vulnerability late last month, vBulletin has recently published a new security patch update that addresses 3 more high-severity vulnerabilities in its forum software. If left unpatched, the reported security vulnerabilities, which affect vBulletin 5.5.4 and prior versions, could eventually allow remote attackers to take […]

Android Vulnerability call hacking hacking news private chat Secure Messenger Security signal messaging app Vulnerability

Signal Messenger Bug Lets Callers Auto-Connect Calls Without Receivers’ Interaction

Almost every application contains security vulnerabilities, some of which you may find today, but others would remain invisible until someone else finds and exploits them—which is the harsh reality of cybersecurity and its current state. And when we say this, Signal Private Messenger—promoted as one of the most secure messengers in the world—isn’t any exception. […]

Android Android Vulnerability Cyber Attack hacking android phone hacking news how to hack android Security Vulnerability Zero-Day Vulnerability

New 0-Day Flaw Affecting Most Android Phones Being Exploited in the Wild

Another day, another revelation of a critical unpatched zero-day vulnerability, this time in the world’s most widely used mobile operating system, Android. What’s more? The Android zero-day vulnerability has also been found to be exploited in the wild by the Israeli surveillance vendor NSO Group—infamous for selling zero-day exploits to governments—or one of its customers, […]

Apple Safari browser security browser vulnerability chrome browser eGobbler hacking news malicious advertisement malvertising Malware safari vulnerability Security WebKit

Over A Billion Malicious Ad Impressions Exploit WebKit Flaw to Target Apple Users

The infamous eGobbler hacking group that surfaced online earlier this year with massive malvertising campaigns has now been caught running a new campaign exploiting two browser vulnerabilities to show intrusive pop-up ads and forcefully redirect users to malicious websites. To be noted, hackers haven’t found any way to run ads for free; instead, the modus […]

game hack game hacking hacking news Online security password hacker Security Words With Friends Zynga Zynga Games Zynga hacked

Exclusive — Hacker Steals Over 218 Million Zynga ‘Words with Friends’ Gamers Data

A Pakistani hacker who previously made headlines earlier this year for selling almost a billion user records stolen from nearly 45 popular online services has now claimed to have hacked the popular mobile social game company Zynga Inc. With a current market capitalization of over $5 billion, Zynga is one of the world’s most successful […]

Cydia jailbreak hacking news iOS jailbreak tool iOS Jailbreaking iphone jailbreak iPhone Vulnerability jailbreak Security Vulnerability

Hacker Releases ‘Unpatchable’ Jailbreak For All iOS Devices, iPhone 4s to iPhone X

An iOS hacker and cybersecurity researcher today publicly released what he claimed to be a “permanent unpatchable bootrom exploit,” in other words, an epic jailbreak that works on all iOS devices ranging from iPhone 4s (A5 chip) to iPhone 8 and iPhone X (A11 chip). Dubbed Checkm8, the exploit leverages unpatchable security weaknesses in Apple’s […]

computer virus Cyber Security fileless malware hacking news Malware Malware attack malware protection software Microsoft Security windows defender windows malware

Microsoft Warns of a New Rare Fileless Malware Hijacking Windows Computers

Watch out Windows users! There’s a new strain of malware making rounds on the Internet that has already infected thousands of computers worldwide and most likely, your antivirus program would not be able to detect it. Why? That’s because, first, it’s an advanced fileless malware and second, it leverages only legitimate built-in system utilities and […]