It is no longer necessary for a person to commute to a physical location to find information about anything they are interested in.
Currently, Google can be trusted to provide the most relevant information about anything and everything.
Google has a wealth of information available at the click of a button. Data threat risk is also growing along with the acceptance of cloud services leading to the rise of data breaches.
With billions of users, Google Chrome is gaining an increasing amount of popularity as one of the most popular web browsers.
According to the cyber security firm Imperva Red, a vulnerability in Google Chrome and Chromium browsers could expose the data of over 2.5 billion users worldwide to the risk of theft or other harm.
The company is reporting that a vulnerability known as CVE-2022-3656 can be exploited to steal private information, such as the login credentials of cloud providers and crypto wallets. An assessment of how the browser interacts with the file system found a vulnerability in the way the browser works with the file system. According to the blog, the purpose of this experiment was primarily to examine how browsers handle symlinks to find widespread issues.
It should be noted that a symbolic link is a kind of file that points to a different file or directory, as defined by Imperva Red. A symlink can therefore be treated by the operating system as if it were a regular file or directory. This means that the operating system can access it as though it were physically present. A symlink could be useful if you want to create shortcuts, change the path of a file, or organize your files more flexibly according to the manual.
There is also a possibility that these links could be exploited to expose vulnerabilities if not managed appropriately.
The company stated that the flaw, which affected Google Chrome, could have been exploited by hacking and building a false website. This site promoted a newly launched service related to crypto wallets. A website that prompts people to download "recovery" keys might then appear to deceive them into creating a new wallet.