Wednesday , February 5 2025

Google Warns of New Chrome Zero-Day Attack

infosecbulletin Sunday , April 16 2023 International

Google on Friday joined the list of vendors dealing with zero-day attacks, rolling out a major Chrome Desktop update to fix a security defect that’s already been exploited in the wild.

The high-severity vulnerability, tracked as CVE-2023-2033, is described as a type confusion in the Chrome V8 JavaScript engine.

AMD Patches CPU Vulnerability

By infosecbulletin / Wednesday , February 5 2025
AMD announced patches on Monday for a microprocessor vulnerability that risks the loss of Secure Encrypted Virtualization (SEV) protection, potentially...
Read More
AMD Patches CPU Vulnerability

Hackers To Use HTTP Client Tools To Compromise Microsoft 365 Accounts

By infosecbulletin / Wednesday , February 5 2025
Hackers are using HTTP client tools for advanced account takeover attacks on Microsoft 365. Seventy-eight percent of Microsoft 365 tenants...
Read More
Hackers To Use HTTP Client Tools To Compromise Microsoft 365 Accounts

Google patches 47 Android flaws, Including Actively Exploited CVE-2024-53104

By infosecbulletin / Wednesday , February 5 2025
Google has released patches for 47 security flaws in Android, including one that is actively being exploited. CVE-2024-53104 (CVSS score: 7.8)...
Read More
Google patches 47 Android flaws, Including Actively Exploited CVE-2024-53104

CVE-2025-21415
Microsoft Patches Critical Azure AI Face Service Vulnerability

By infosecbulletin / Tuesday , February 4 2025
Microsoft has released patches for two critical security flaws in Azure AI Face Service and Microsoft Account that could allow...
Read More
CVE-2025-21415 Microsoft Patches Critical Azure AI Face Service Vulnerability

Daily Security Update Dated:4.02.2025

By infosecbulletin / Tuesday , February 4 2025
Every day a lot of cyberattack happen around the world including ransomware, Malware attack, data breaches, website defacement and so...
Read More
Daily Security Update Dated:4.02.2025

768 Exploited CVEs in 2024, a 20% Increase from 639 in 2023

By infosecbulletin / Tuesday , February 4 2025
In 2024, 768 vulnerabilities with CVE identifiers were reported as exploited in the wild, a 20% increase from 639 in...
Read More
768 Exploited CVEs in 2024, a 20% Increase from 639 in 2023

.Gov Domains Weaponized in Phishing Surge

By infosecbulletin / Monday , February 3 2025
A recent report from Cofense Intelligence highlights a concerning trend: threat actors are increasingly misusing .gov top-level domains (TLDs) to...
Read More
.Gov Domains Weaponized in Phishing Surge

RedSentry presents
Hacked 101 Seminar Successfully Ended at UITS

By infosecbulletin / Sunday , February 2 2025
The cybersecurity seminar "RedSentry presents: Hacked 101," organized by RedSentry with the University of Information Technology and Sciences (UITS) as...
Read More
RedSentry presents Hacked 101 Seminar Successfully Ended at UITS

US scientists claim to replicate DeepSeek for $30 dubbed “TinyZero,”

By infosecbulletin / Sunday , February 2 2025
Researchers at the University of California, Berkeley, claims they’ve managed to reproduce the core technology behind DeepSeek’s at a total...
Read More
US scientists claim to replicate DeepSeek for $30 dubbed “TinyZero,”

ChatGPT, DeepSeek, Qwen 2.5-VL Vulnerable to AI Jailbreaks

By infosecbulletin / Sunday , February 2 2025
This week, multiple research teams showcased jailbreaks for popular AI models, including OpenAI's ChatGPT, DeepSeek, and Alibaba's Qwen. After its...
Read More
ChatGPT, DeepSeek, Qwen 2.5-VL Vulnerable to AI Jailbreaks

“Google is aware that an exploit for CVE-2023-2033 exists in the wild,” the company said in a barebones advisory that credits Clément Lecigne of Google’s Threat Analysis Group for reporting the issue.

The company did not provide any additional details of the bug, the in-the-wild exploitation, indicators of compromise (IOCs) or any guidance on the profile of targeted machines.

Google said access to bug details and links may be kept restricted until a majority of users are updated with a fix. The company said it may also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.

The patch is being pushed to Chrome 112.0.5615.121 for Windows Mac and Linux and will roll out via the software’s automatic patching mechanism over the coming days/weeks.

The Chrome zero-day patch comes days after Microsoft acknowledged a zero-day in its flagship Windows operating system was being hit by ransomware actors.

Like Google and Microsoft, Apple has also struggled with zero-day exploits and shipped a major patch a week ago to fix a pair of code execution flaws in its iOS, macOS iPadOS platforms.

So far this year, there have been 20 documented in-the-wild zero-day compromises, according to data tracked by SecurityWeek.  Security defects in code from Microsoft, Apple and Google account for 12 of the 20 zero-days in 2023.

Check Also

Malware Trends Review 2024: Ever Recorded Cyber Threats

Last year saw a significant rise in cyber threats, with malware becoming more advanced and …

Leave a Reply

Your email address will not be published. Required fields are marked *

Mail: [email protected]
© Copyright 2025, All Rights Reserved InfoSecBulletin