US-CERT warns users of potential email scams citing the earthquake in Nepal. The scam emails may contain links or attachments that may direct users to phishing or malware infected websites. Phishing emails and websites requesting donations for fraudulent charitable organizations commonly appear after these types of natural disasters.
US-CERT encourages users to take the following measures to protect themselves:
Google has released Chrome version 42.0.2311.135 for Windows, Mac, and Linux to address multiple vulnerabilities. Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system.
US-CERT encourages users and administrators to review the Google Chrome blog entry and apply the necessary updates.
WordPress 4.2 and prior versions contain critical cross-site scripting vulnerabilities. Exploitation of these vulnerabilities could allow a remote attacker to take control of an affected website.
Users and administrators are encouraged to review the WordPress Security Release and upgrade to WordPress 4.2.1.