tldrdailynews.com logo
Tag

Web Security

All articles tagged with #web security

Chrome ramps to quantum-proof HTTPS with Merkle-tree certificates
technology1 month ago

Chrome ramps to quantum-proof HTTPS with Merkle-tree certificates

Chrome is testing quantum-resistant HTTPS that uses Merkle-tree proofs, letting browsers verify certificates with tiny proofs instead of large data; a Tree Head signs millions of certs, keeping the data near 64 bytes. The plan for a broader rollout runs through 2027 with a parallel quantum-resistant trust store and mandatory certificate transparency, while traditional certificates remain as a safety net during the transition.

via TechSpot|
#certificate-transparency#google-chrome#merkle-tree-certificates
Critical AdonisJS Vulnerability Enables Remote Arbitrary File Write
web-security3 months ago

Critical AdonisJS Vulnerability Enables Remote Arbitrary File Write

A critical security flaw (CVSS 9.2) in the '@adonisjs/bodyparser' npm package allows remote attackers to perform arbitrary file writes on servers through path traversal in multipart file handling, emphasizing the need for immediate updates to affected versions. Additionally, a similar high-severity vulnerability was found in the jsPDF library, which has been patched in version 4.0.0.

via The Hacker News|
#adonisjs#bodyparser#cvss-92
Anthropic Launches Claude AI Chrome Extension Amid Browser Security Concerns
technology7 months ago

Anthropic Launches Claude AI Chrome Extension Amid Browser Security Concerns

Anthropic's AI Chrome extension, designed to automate tasks, has significant security vulnerabilities with a 23.6% attack success rate, reduced to 11.2% with safety measures. Experts warn that these risks, including prompt injection and malicious instructions, pose serious security concerns, and current protections are insufficient, placing the burden of security on users.

via Ars Technica|
#ai-security#anthropic#browser-extension