Google corrects previous disclosure for libwebp vulnerability

Flaw was previously reported as a Chrome bug

clock • 2 min read
Google corrects previous disclosure for libwebp vulnerability

Google has allocated a fresh CVE ID to a security vulnerability in libwebp, which had been exploited as a zero-day in recent attacks.

The bug was patched approximately two weeks ago and was reported in a collaborative effort by Apple Security Engineering and Architecture (SEAR) and the Citizen Lab at The University of Toronto's M...

To continue reading this article...

Join Computing

  • Unlimited access to real-time news, analysis and opinion from the technology industry
  • Receive important and breaking news in our daily newsletter
  • Be the first to hear about our events and awards programmes
  • Join live member only interviews with IT leaders at the ‘IT Lounge’; your chance to ask your burning tech questions and have them answered
  • Access to the Computing Delta hub providing market intelligence and research
  • Receive our members-only newsletter with exclusive opinion pieces from senior IT Leaders

Join now

 

Already a Computing member?

Login

You may also like
AT&T data breach exposes call records of 'nearly all' wireless customers

Hacking

Stolen data isn't publicly available yet, the company claims

clock 14 July 2024 • 3 min read
Indian antitrust regulator finds Apple's App Store abuses market power

Law

Latest in a line of global antitrust regulation against Apple

clock 14 July 2024 • 3 min read
Google strengthens Advanced Protection Program with passkey integration

Security Technology

To enroll in APP with a passkey, users need a compatible device and browser

clock 12 July 2024 • 3 min read

More on Threats and Risks

Nearly 7% of all internet traffic is malicious, says Cloudflare

Nearly 7% of all internet traffic is malicious, says Cloudflare

Volume and scale of DDoS attacks ‘vast’

Penny Horwood
clock 17 July 2024 • 2 min read
Malicious Python packages found exfiltrating user data to Telegram bot

Malicious Python packages found exfiltrating user data to Telegram bot

Appears to be part of a wider operation by crime gang based in Iraq, say Checkmarx researchers

John Leonard
clock 15 July 2024 • 2 min read
New threat group CRYSTALRAY seen using variety of off-the-shelf tools to steal credentials

New threat group CRYSTALRAY seen using variety of off-the-shelf tools to steal credentials

Sysdig researchers have been following the group since February

John Leonard
clock 11 July 2024 • 2 min read