#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News
State of SaaS

V8 Engine | Breaking Cybersecurity News | The Hacker News

Category — V8 Engine
Google Fixes High-Severity Chrome Flaw Actively Exploited in the Wild

Google Fixes High-Severity Chrome Flaw Actively Exploited in the Wild

Aug 22, 2024 Browser Security / Vulnerability
Google has rolled out security fixes to address a high-severity security flaw in its Chrome browser that it said has come under active exploitation in the wild. Tracked as CVE-2024-7971 , the vulnerability has been described as a type confusion bug in the V8 JavaScript and WebAssembly engine. "Type confusion in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to exploit heap corruption via a crafted HTML page," according to a description of the bug in the NIST National Vulnerability Database (NVD). The Microsoft Threat Intelligence Center (MSTIC) and Microsoft Security Response Center (MSRC) have been credited with discovering and reporting the flaw on August 19, 2024. No additional details about the nature of the attacks exploiting the flaw or the identity of the threat actors that may be weaponizing it have been released, primarily to ensure that a majority of the users are updated with a fix. The tech giant, however, acknowledged in a terse sta...
Update Your Chrome Browser ASAP to Patch a Week Old Public Exploit

Update Your Chrome Browser ASAP to Patch a Week Old Public Exploit

Apr 21, 2021
Google on Tuesday released an update for Chrome web browser for Windows, Mac, and Linux, with a total of seven security fixes, including one flaw for which it says an exploit exists in the wild. Tracked as CVE-2021-21224 , the flaw concerns a type confusion vulnerability in V8 open-source JavaScript engine that was reported to the company by security researcher Jose Martinez on April 5 According to security researcher  Lei Cao , the bug [ 1195777 ] is triggered when performing integer data type conversion, resulting in an out-of-bounds condition that could be used to achieve arbitrary memory read/write primitive. "Google is aware of reports that exploits for CVE-2021-21224 exist in the wild," Chrome's Technical Program Manager Srinivas Sista  said  in a blog post. The update comes after proof-of-concept (PoC) code exploiting the flaw published by a researcher named " frust " emerged on April 14 by taking advantage of the fact that the issue was addressed...
Product Walkthrough: How Reco Discovers Shadow AI in SaaS

Future-Ready Trust: Learn How to Manage Certificates Like Never Before

WebinarTrust Management / SSL Certificate
Managing digital trust shouldn't feel impossible. Join us to discover how DigiCert ONE transforms certificate management—streamlining trust operations, ensuring compliance, and future-proofing your digital strategy.
Expert Insights / Articles Videos
Cybersecurity Resources