Google Chrome data leakage bug confirmed as actively exploited – Go Health Pro

Google Chrome data leakage bug confirmed as actively exploited – Go Health Pro

A Google Chrome vulnerability allowing the leak of OAuth codes was added to the Known Exploited Vulnerabilities catalog by the Cybersecurity & Infrastructure Security Agency (CISA) on Thursday.The flaw, tracked as CVE-2025-4664, is due to insufficient policy enforcement in the Google Chrome Loader, Google said Wednesday.The vulnerability was discovered by security researcher Vsevolod Kokorin, who … Read more

Google Fixes Android Flaw (CVE-2025-27363) Exploited by Attackers – Go Health Pro

Google Fixes Android Flaw (CVE-2025-27363) Exploited by Attackers – Go Health Pro

May 06, 2025Ravie LakshmananVulnerability / Mobile Security Google has released its monthly security updates for Android with fixes for 46 security flaws, including one vulnerability that it said has been exploited in the wild. The vulnerability in question is CVE-2025-27363 (CVSS score: 8.1), a high-severity flaw in the System component that could lead to local … Read more

Firefox patches flaw similar to exploited Chrome zero-day – Go Health Pro

Firefox patches flaw similar to exploited Chrome zero-day – Go Health Pro

Mozilla patched a Firefox browser vulnerability that was discovered after a similar Google Chrome flaw was found to be actively exploited in potential espionage campaigns.The critical flaw, tracked as CVE-2025-2857, could enable an attacker to escape the Firefox browser’s sandbox protection on Windows machines due to an error in the browser’s inter-process communication (IPC) code, … Read more

Apache Tomcat Vulnerability Actively Exploited Just 30 Hours After Public Disclosure – Go Health Pro

Apache Tomcat Vulnerability Actively Exploited Just 30 Hours After Public Disclosure – Go Health Pro

Mar 17, 2025Ravie LakshmananVulnerability / Web Security A recently disclosed security flaw impacting Apache Tomcat has come under active exploitation in the wild following the release of a public proof-of-concept (PoC) a mere 30 hours after public disclosure. The vulnerability, tracked as CVE-2025-24813, affects the below versions – Apache Tomcat 11.0.0-M1 to 11.0.2 Apache Tomcat … Read more

Router maker Zyxel tells customers to replace vulnerable hardware exploited by hackers – Go Health Pro

Router maker Zyxel tells customers to replace vulnerable hardware exploited by hackers – Go Health Pro

Taiwanese hardware maker Zyxel says it has no plans to release a patch for two actively exploited vulnerabilities affecting potentially thousands of customers.  Threat intelligence startup GreyNoise warned late last month that a critical-rated zero-day vulnerability impacting Zyxel routers was being actively exploited. GreyNoise said the flaws allow attackers to execute arbitrary commands on affected … Read more