Google has patched an actively exploited zero-day vulnerability — the fifth such exploit found in the Chrome browser this year. The bug, chronologically referred to as CVE-2022-2856, can allow for arbitrary code execution due to insufficient validation of untrusted input in Intents. The bug was discovered by Google’s Threat Analysis Group (TAG), which also identified ten other Chrome issues needing resolution.

The NHS needs to tighten its third-party supplier cybersecurity
The NHS should proactively fortify cybersecurity within its third-party software suppliers following recent damaging ransomware attacks, says Jonathan Lee from Trend Micro. He suggests implementing