Homebrew 6.0 released with new security mechanism, Linux sandbox and more
Homebrew was "less vulnerable 10 years ago than npm is today," project lead tells us
Sandboxing isolates untrusted code or files so analysts and security tools can observe behavior and limit damage from malware.
Search across headline titles and summaries.
Background for this topic.
A sandbox is an isolated environment for running or inspecting software, files, or workloads without giving them the same access as the host system. In security, it commonly supports malware analysis, suspicious-file detonation, browser and application isolation, and safe testing of potentially vulnerable code. Isolation may rely on virtual machines, containers, operating-system controls, or combinations of these mechanisms.
Sandboxes reduce risk but are not automatically safe: vulnerabilities in the sandbox or hypervisor can enable an escape, and malware may detect analysis conditions and change its behavior. Effective deployments restrict privileges, filesystem access, credentials, and network connectivity; reset environments after use; and monitor activity. Analysts should also protect submitted samples, which can contain confidential data. Sandbox observations can supply threat-intelligence indicators and help validate detections, but a clean result is not proof that code is benign.
Weekly headline count for the current query.
Homebrew was "less vulnerable 10 years ago than npm is today," project lead tells us
All have patches, so make sure you upgrade to a fixed version
Another day, another AI bug silently fixed with no CVE and no public disclosure
No reports of active exploitation (yet) Watch out for more Fortinet vulns! Two critical bugs in Fortinet's sandbox could allow unauthenticated attackers to bypass authentication or execute unauthorized code on vulnerable systems.…
High-severity CSS flaw let malicious webpages run code inside the sandbox Google has quietly pushed out an emergency Chrome fix after attackers were caught exploiting the browser's first reported zero-day of 2026.…
Chrome will keep third-party cookies, a loss for privacy but a win for web ad rivals After six years of work, Google's Privacy Sandbox, technology for delivering ads while protecting privacy, looks like dust in the wind.…
Single click on a phishing link in Google browser blew up sandbox on Windows Google pushed out an emergency patch for Chrome on Windows this week to stop attackers exploiting a sandbox-breaking zero-day vulnerability, seemingly used by snoops to target certain folks in Russia.…
‘MirrorFace’ group found ways to run malware in the Windows sandbox, which is worrying Japan’s National Police Agency and Center of Incident Readiness and Strategy for Cybersecurity have confirmed third party reports of attacks on local orgs by publishing details of a years-long series of attacks attributed to a China-backed source.…
Yes, you can be fingerprinted and tracked via Privacy Sandbox – tho the risk isn't as high as feared Apple last week celebrated a slew of privacy changes coming to its Safari browser and took the time to bash rival Google for its Topics system that serves online ads based on your Chrome history.…
Chocolate Factory accused of misleading Chrome browser users Updated Privacy campaigner noyb has filed a GDPR complaint regarding Google's Privacy Sandbox, alleging that turning on a "Privacy Feature" in the Chrome browser resulted in unwanted tracking by the US megacorp.…
Ad tech rewrite to replace web cookies still not to regulatory taste The UK Competition and Markets Authority (CMA) still has privacy and competition concerns about Google's Privacy Sandbox advertising toolkit, which explains why the ad giant recently again delayed its plan to drop third-party cookies in Chrome until 2025.…
Privacy Sandbox slips into 2025 after challenges from UK authorities Google's plan to phase out third-party cookies in Chrome is being postponed to 2025 amid wrangling with the UK's Competition and Markets Authority (CMA) and Information Commissioner's Office (ICO).…
Leaked draft report says stated goals still come up short Google's Privacy Sandbox, which aspires to provide privacy-preserving ad targeting and analytics, still isn't sufficiently private.…
Chocolate Factory's ad tech renovation is moving ahead, like it or not Google on Tuesday began rolling out a beta test of its Privacy Sandbox software for a small portion of Android 13 devices to learn how its purportedly privacy-protecting ad tech actually performs.…
High-spec system is crucial to defending against the latest threats Two of the US government's leading security agencies are building a machine learning-based analytics environment to defend against rapidly evolving threats and create more resilient infrastructures for both government entities and private organizations.…
Oh, serve me ads, lots of ads, under clouded eyes above, just fence me in Google in the next few days plans to begin testing fenced frames, a proposed web API to help its Privacy Sandbox ad technologies meet commitments to privacy of a sort.…
Web giant shocked, shocked, to find misuse of data going on in here Google plans to extend its rework of web ad technology – the optimistically named Privacy Sandbox – to Android devices in an effort to limit the misuse of data in its mobile ecosystem.…