Neowin News Feed for: Disclosure

Unity discloses severe RCE vulnerability, urges developers to apply patches

Usama Jawad — Sat, 04 Oct 2025 06:32:02 +0000

Unity has disclosed a particularly severe vulnerability affecting all games going back to 2017. Malicious actors can utilize this security issue to gain access to data on your machine. Read more...

Google Project Zero exposes security flaw in libxslt library used in GNOME applications

Usama Jawad — Tue, 05 Aug 2025 13:36:01 +0000

Google's Project Zero team has publicly disclosed a UAF flaw in the popular libxslt library following GNOME's inability to fix it within 90 days of private reporting. Read more...

Microsoft calls out security firm for exaggerating impact of BlueBleed misconfiguration

Usama Jawad — Thu, 20 Oct 2022 04:46:01 +0000

Microsoft has published an advisory about a misconfiguration that led to its own, customer, and partner data being exposed. It has also called out security researchers for mishandling the disclosure. Read more...

Nvidia fined $5.5 million for misleading investors about crypto market

Usama Jawad — Fri, 06 May 2022 16:04:01 +0000

The U.S. Securities and Exchange Commission (SEC) has fined Nvidia for not telling investors that their rise in revenue in 2018 was due to cryptomining interest rather than its gaming business. Read more...

Google Project Zero detected record high 0-day exploits in 2021, but it's not all bad news

Usama Jawad — Wed, 20 Apr 2022 07:18:01 +0000

Google's Project Zero team has published its findings for 0-day exploits in the year 2021. It detected the most 0-days in this year but some positive insights that can be drawn too. Read more...

Google is making its ad experience more transparent

Usama Jawad — Thu, 23 Sep 2021 05:34:01 +0000

Advertiser pages are coming soon to Google's ad experience. They will allow consumers to make informed decisions about purchases based on disclosures and ads run by an advertiser in the past 30 days. Read more...

GitHub finally fixes 'high' severity security flaw reported by Google Project Zero

Usama Jawad — Sat, 21 Nov 2020 06:44:01 +0000

The "high" severity security flaw in GitHub publicly disclosed by Google's Project Zero team earlier this month has finally been patched. The security team has validated the fix and closed it. Read more...

Google discloses 'high' severity security flaw in GitHub

Usama Jawad — Tue, 03 Nov 2020 06:08:01 +0000

Google's Project Zero team has disclosed a "high" severity security flaw in GitHub following the latter's inability to provide a fix in the 104 days - which includes a grace period - allotted to it. Read more...

Google reveals "high severity" flaw in macOS kernel

Usama Jawad — Sun, 03 Mar 2019 08:12:01 +0000

Google's Project Zero has exposed a "high severity" flaw in macOS' kernel XNU - which apparently has issues in its implementation of copy-on-write behavior - after Apple failed to fix it in 90 days. Read more...

Spectre Variant 4 disclosed, mitigations to result in another performance hit

Usama Jawad — Tue, 22 May 2018 04:52:01 +0000

New variants of Spectre have been discovered by Microsoft and Google, which allow attackers to read privileged data. While mitigations will be available soon, they will result in a performance hit. Read more...

Big tech companies are defying U.S. authorities for the sake of transparency

Brockman Davis — Sun, 04 May 2014 21:56:38 +0000

Apple, Google, Microsoft, Facebook, and later, Yahoo, are making changes to their policies to try and step away from giving in to government requests for big data, which could be good and bad. Read more...

Carbonite updates Neowin about their Disclosure Policy

Chakkaradeep Chandran — Thu, 29 Jan 2009 19:03:32 +0000

Neowin reported earlier today that, an annoyed Carbonite customer who wanted to write reviews in Amazon.com regarding his experiences with Carbonite, found out that the high level employees of carbonite gave positive product reviews disguised... Read more...

Opera "sun.*" System Information Disclosure Weakness

Tue, 23 Nov 2004 02:03:24 +0000

Marc Schoenefeld has reported a weakness in Opera, which can be exploited by malicious people to disclose some system information. Opera accesses the JRE (Java Runtime Environment) directly instead of using the Java plugin. The... Read more...

Microsoft Internet Explorer Disclosure of Sensitive XML Info

Sat, 09 Oct 2004 22:44:04 +0000

Georgi Guninski has reported that a two year old vulnerability has been reintroduced in Microsoft Internet Explorer and can be exploited by malicious people to disclose potentially sensitive information. The vulnerability is caused due to... Read more...

Flaw in NetBIOS Could Lead to Information Disclosure -824105

Daniel Fleshbourne — Wed, 03 Sep 2003 22:33:59 +0000

A security issue has been identified in Microsoft® Windows® that could allow an attacker to see information in your computer's memory over a network. You can help protect your computer by installing this update from... Read more...

Hacking up, disclosure down, FBI survey says

Mon, 08 Apr 2002 04:59:07 +0000

Most large corporations and government agencies have been attacked by computer hackers, but more often and more frequently they do not inform authorities of the breaches, an FBI survey finds. The survey released... Read more...

Security bug disclosure standard dead in the water

Mon, 18 Mar 2002 21:49:54 +0000

Proponents of an effort to standardize the handling of computer security vulnerabilities today aborted the effort after receiving critical comments from reviewers. In a message today to members of the Internet Engineering... Read more...

MSN Contact List Disclosure flaw

Steven Parker — Mon, 11 Feb 2002 11:19:32 +0000

Thanks Jon for sending this one in. Taken from a post bugtraq by Tom Micklovitch (dated Feb 8th): Exploit: Register an account for MSN messenger, make some contact email addresses, leave... Read more...