Pierluigi Paganini
May 19, 2022
Google addressed a high-severity flaw in its OAuth client library for Java that could allow attackers with a compromised token to deploy malicious payloads. Google addressed a high-severity authentication bypass flaw in Google OAuth Client Library for Java, tracked as CVE-2021-22573 (CVS Score 8.7), that could be exploited by an attacker with a compromised token […]
Pierluigi Paganini
February 15, 2022
Google fixed a high-severity zero-day flaw actively exploited with the release of Chrome emergency update for Windows, Mac, and Linux. Google fixed a high-severity zero-day flaw, tracked as CVE-2022-0609, actively exploited with the release of Chrome emergency update for Windows, Mac, and Linux. This is the first Chome zero-day fixed this year by Google. The zero-day […]
Pierluigi Paganini
January 06, 2022
The French data privacy and protection authority hit Google and Facebook with 210 million euros ($237 million) in fines. France’s National Commission on Informatics and Liberty (CNIL), the French data privacy and protection authority, hit Facebook and Google with 60 million euro ($68 million) and 150 million euro ($170 million) fines respectively. The CNIL fined […]
Pierluigi Paganini
November 27, 2021
Italy’s antitrust regulator, AutoritĂ Garante della Concorrenza e del Mercato (AGCM), has fined Apple and Google €10 million each their “aggressive” data practices. Italy’s antitrust regulator, AutoritĂ Garante della Concorrenza e del Mercato (AGCM), has fined Apple and Google €10 million each their “aggressive” data practices and the lack of transparency on the use of […]
Pierluigi Paganini
November 02, 2021
Google is going to increase the bounty for finding and exploiting privilege escalation vulnerabilities in the Linux kernel. Good news for white hat hackers, Google is going to increase the bounty for demonstrating privilege escalation vulnerabilities in the Linux kernel. The payouts for privilege escalation exploits using a known vulnerability will be up to US$31,337, […]
Pierluigi Paganini
September 13, 2021
Spook.js is a new side-channel attack on modern processors that can allow bypassing Site Isolation protections implemented in Google Chrome. Boffins devised a transient side-channel attack on modern processors, “Spook.js,” that can be abused by threat actors to bypass Site Isolation protections implemented in Google Chrome and Chromium browsers. The technique allows in some cases to steal sensitive […]
Pierluigi Paganini
September 12, 2021
Google introduces Private Compute Services, a collection of services aimed at designing to improve privacy in the Android operating system. Good news for Android users, Google has implemented the Private Compute Services, a set of features aimed at improving their privacy. “We introduced Android’s Private Compute Core in Android 12 Beta. Today, we’re excited to announce a […]
Pierluigi Paganini
June 10, 2021
Google this week addressed 14 vulnerabilities in the Chrome browser, including a zero-day flaw that has been exploited in the wild. Google released security updates to address 14 vulnerabilities in the Chrome browser, including a zero-day issue that has been exploited in the wild. The most severe of these flaws, tracked as CVE-2021-30544, is a […]
Pierluigi Paganini
April 17, 2021
Google Project Zero security team has updated its vulnerability disclosure policy, it gives users 30 days to patch flaws before disclosing associated technical details. The Google Project Zero security team announced an update to its vulnerability disclosure policy, it could include additional 30 days to the disclosure process for some bugs to give end-users enough […]
Pierluigi Paganini
March 23, 2021
Google addressed a zero-day vulnerability affecting Android devices that use Qualcomm chipsets which is actively exploited in the wild. Google has addressed a zero-day vulnerability, tracked as CVE-2020-11261, affecting Android devices that use Qualcomm chipsets. According to the IT giant, threat actors are actively exploiting the vulnerability in attacks in the wild. The CVE-2020-11261Â flaw, is […]
Malware / September 05, 2025
