Google has patched an actively exploited zero-day vulnerability — the fifth such exploit found in the Chrome browser this year. The bug, chronologically referred to as CVE-2022-2856, can allow for arbitrary code execution due to insufficient validation of untrusted input in Intents. The bug was discovered by Google’s Threat Analysis Group (TAG), which also identified ten other Chrome issues needing resolution.
Week in review: Two Cisco ASA zero-days exploited, MITRE breach, GISEC Global 2024
Cisco ASA devices were targeted by hackers using two zero-days to install backdoors. Also, an attack using Ivanti zero-day vulnerabilities resulted in a breach at