Google recently announced the availability of a Chrome 124 update that patches four vulnerabilities, including a critical security hole. Google noted that the critical vulnerability, tracked as CVE-2024-4058, is a type confusion bug in the ANGLE graphics layer engine. Google has credited two members of Qrious Secure for reporting CVE-2024-4058. They have been awarded a $16,000 bounty for their findings. Google has not mentioned if CVE-2024-4058 is being exploited in the wild.

Researchers from the Massachusetts Institute of Technology (MIT) and the MIT-IBM Watson AI Lab developed a new chip that can efficiently accelerate Machine Learning (ML) workloads on edge devices such as smartphones while securing sensitive user data against two common types of attacks: side-channel attacks and bus-probing attacks. Health-monitoring apps can be slow and energy-inefficient as the ML models behind them must be shuttled between a smartphone and a central memory server.

By aekwall 

According to AG Security Research, vulnerabilities impacting Microsoft's PlayReady content access and protection technology enable rogue subscribers to illegally download movies from popular streaming services. Adam Gowdiak, founder and CEO of AG Security Research, conducted the study over several months. PlayReady is a media file copy-prevention technology that includes encryption, output prevention, and Digital Rights Management (DRM).

North Korean hackers have been exploiting eScan antivirus' updating mechanism to install backdoors on large corporate networks and deliver cryptocurrency miners via "GuptiMiner" malware. GuptiMiner is described as "a highly sophisticated threat" capable of making Domain Name System (DNS) requests to the attacker's DNS servers, extracting payloads from images, signing payloads, and performing Dynamic Link Library (DLL) sideloading.

Synlab Italia has recently suspended all its medical diagnostic and testing services after a ransomware attack forced its IT systems to be taken offline. Part of the Synlab group that is present in 30 countries worldwide, the Synlab Italia network operates 380 labs and medical centers across Italy. The company announced that it had suffered a security breach in the early hours of April 18, which forced it to shut down all computers to limit the damaging activity. No specific recovery timeline was provided.