Apps based on Electron framework are vulnerable to attack

The Electron framework -- the basis of popular apps including Skype, Slack, Signal and WordPress -- has been found to contain a security flaw that leaves it vulnerable to attack. The GitHub-created tool has a vulnerability that allows hackers to execute arbitrary code on remote systems. CVE-2018-1000136 affects Electron 1.7.13 and older as well as Electron 1.8.4 and 2.0.0-beta.3, and the problem exists because of the interaction between Electron and Node.js. See also: Google will require OEMs to provide regular Android security updates Amazon now offers a smart home security installation service Google's Project Zero reveals security flaw in Windows… [Continue Reading]