Oct 4, 2023 | Podcast
A popular library for rendering images in the WebP format has a critical vulnerability that is under active exploitation. The vulnerability is with the libwebp library and it suffers from a heap buffer overflow which allows a remote attacker to perform an out of...
Oct 3, 2023 | Podcast
Microsoft’s Bing Chat AI search assistant has been discovered to be serving up malicious ads to users. Bing Chat was first introduced in February this year and began serving ads a month later to help cover costs. However, incorporating ads into the platform has...
Oct 2, 2023 | Podcast
A fake Bitwarden password manager lookalike site is distributing malware to unsuspecting visitors. The fake website is a very convincing lookalike to the real Bitwarden site and has a typo squat domain name to fool potential victims. It is believed that phishing...
Sep 29, 2023 | Podcast
Attackers targeting software supply chains are impersonating GitHub Dependabot to sneak their malicious code changes past developers. Security researchers have discovered a campaign where attackers were attempting to sneak code into software projects by disguising...
Sep 28, 2023 | Podcast
Attackers have been running a campaign this month, using malicious open-source packages to steal sensitive data from software developers. The campaign commenced on September 12 2023 and started with 14 malicious packages on npm. There was a brief hiatus on September...
Sep 27, 2023 | Podcast
Your computer’s graphic card could be exposing sensitive data to malicious websites. Researchers have published a paper demonstrating how a malicious website can exploit a vulnerability in the GPU (Graphic Processing Unit) to perform a cross-origin attack and...
