New Windows Security Bypass Alert For Chrome And Edge Users
It is no secret that Google's Chrome browser is beseiged by security vulnerabilities. The good news is that the vast majority of these vulnerabilities are discovered and disclosed by security researchers, including Google's own Threat Analysis Group, well before any attacker can exploit them. However, that's not always the case, as evidenced by numerous emergency browser security updates in response to confirmed zero-day vulnerabilities. What is less well known, especially amongst the large non-techie user base, is that Edge is built around the Chromium engine, so many of the same vulnerabilities impact it, and them. Given that another security issue has just emerged, and both Chrome and Edge users are at risk from it, in this case, a Windows security protection bypass, you might be asking if it is time to quit using both and find something else. Here's what you need to know.
The FileFix Windows Security Issue Putting Chrome And Edge Users At Risk
I first warned Forbes readers of the threat from something called a ClickFix attack in December 2024, and more recently reiterated that warning after Google issued a security alert in May.bNow, a new threat, called FileFix, has been discovered, and it's coming for your Chrome and Edge browsers if you are a Windows user.
Penetration tester and security researcher, mr.d0x, first discovered FileFix on June 23, but has now published details of a new variation that is of concern to all Windows browser users. This new attack threat exploits the way that both Chrome and Edge deal with saving web pages, and can bypass the Microsoft Windows security feature known as Mark of the Web. It does this by bringing together those browser web page saving methods and something known as HTML Application execution. In other words, FileFix can now bypass the Windows MotW security function by exploiting the way in which browsers save HTML pages.
The good news is that to pull off this latest FileFix exploit, an attacker would first need to persuade the victim into saving an HTML web page and then renaming it as an .HTA file in order to auto-execute the embedded JScript that does the actual damage. If that all sounds a little long-winded, that's because it is. However, don't be fooled, social engineering, or phishing if you prefer, can persuade normally sensible people into doing the most unlikely of things. The original ClickFix attacks, for example, asked users who were presented with a fake captcha test to open a Windows run dialog and enter commands to execute the exploit. That sounds unlikely, right? Yet enough people did just that for ClickFix to make the headlines and for the biggest of vendors to issue warnings to users.
Is It Time For Windows Users To Abandon Chrome And Edge?
The short answer to the question posed in the above sub-heading is: is it heck as like. For those of you not living in the Yorkshire countryside in England, that means no. The continuing deluge of vulnerabilities that impact Chrome and Edge and are disclosed month after month, sometimes week after week, is a good thing. How so? Because, for the most part, these vulnerabilities are being discovered before threat actors know about them, and browsers are updated to protect against them before they can attack. The odd few zero-days that emerge are dealt with as quickly as they can be. The point is, it's better the devil you know when it comes to security vulnerabilities. There are plenty of other reasons why you might want to change, those based around privacy concerns or dislike of certain vendors, but security vulnerability exposure isn't on my list.
I have reached out to Google and Microsoft regarding the latest FileFix exploit affecting Windows users.
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Gizmodo
27 minutes ago
- Gizmodo
If You're a Prime Member, Amazon Is Including 2 Free AirTags for Prime Day
Apple is famously strict about discounts, and it rarely offers price drops even on the most affordable products. If you have to buy an AirTag, you'll usually pay $29 each on Apple's website. But this Prime Day, the prices are to be believed: a 4-pack of Apple AirTags for $67, which works out at about $16 an AirTag. To put it into perspective, four AirTags from Apple would run you $116 so this Prime Day discount is essentially… half price. The deal is only being offered to Prime members but if you aren't a member, you can just opt for the free 30-day trial in order to get access. If you don't need more than one, you can purchase the individual AirTag from Amazon for $22 rather than the normal price of $29. See 4-pack AirTags at Amazon See 1X AirTag at Amazon If you want an easy way of keeping tabs on your most valuable items, Apple's AirTag is a great choice. The AirTag is designed to help you find your keys, wallet, purses, backpack, or whatever you want to keep tabs on. It's as simple to pair an AirTag as it is to say: just bring it close to your iPhone or iPad and a one-touch setup will link it to your Apple ID immediately. You can then use the Find My app to locate your item at any time. The AirTag leverages Apple's massive Find My network and uses hundreds of millions of Apple devices to help you find lost things. When your AirTag is out of Bluetooth range, it can still be tracked by nearby Apple devices with communication encrypted and anonymous to maintain your information security. Your location data will never be transferred or stored on the AirTag itself. Precision Finding is another major advantage: It uses Ultra Wideband technology to take you directly to your lost item with compatible iPhone models. To find your keys throughout the house, you can make a sound from the internal speaker in the AirTag or ask Siri. If you've lost something in an airport or a coffee shop, you can put the AirTag in Lost Mode to receive a notification the instant it gets detected by another device on the Find My network. The AirTag is meant to last with a replaceable battery that still works after over a year and an IP67 rating for water and dust protection. That is, you can forget about rain, spills, or everyday bumps and drops. It's very small and light so you can stick it in a wallet, attach it to your keys or stash it in your bag without it adding bulk. At $67 for a 4-pack, this Prime Day deal is the best opportunity you'll find to upgrade (better than during Black Friday) your tracking game. See 4-pack AirTags at Amazon See 1X AirTag at Amazon
Yahoo
30 minutes ago
- Yahoo
CoreWeave to Acquire Core Scientific
Verticalizes Data Center Ownership to Help Future-Proof Revenue Growth and Enhance Core Profitability LIVINGSTON, N.J. & AUSTIN, Texas, July 07, 2025--(BUSINESS WIRE)--CoreWeave (NASDAQ: CRWV), the AI Hyperscaler™, and Core Scientific (NASDAQ: CORZ), a leading data center infrastructure provider, today announced that they have signed a definitive agreement under which CoreWeave will acquire Core Scientific in an all-stock transaction. Under the terms of the merger agreement, Core Scientific stockholders will receive 0.1235 newly issued shares of CoreWeave Class A common stock for each share of Core Scientific common stock based on a fixed exchange ratio. Following CoreWeave's successful IPO in March 2025, this acquisition will help CoreWeave verticalize its data center footprint to future-proof revenue growth and enhance profitability. Through this acquisition, CoreWeave will own approximately 1.3 GW of gross power across Core Scientific's national data center footprint1 with an incremental 1 GW+ of potential gross power available for expansion. "This acquisition accelerates our strategy to deploy AI and HPC workloads at scale," said Michael Intrator, CoreWeave's Chief Executive Officer, Chairman of the Board, and co-founder. "Verticalizing the ownership of Core Scientific's high-performance data center infrastructure enables CoreWeave to significantly enhance operating efficiency and de-risk our future expansion, solidifying our growth trajectory. Owning this foundational layer of our platform will enhance our performance and expertise as we continue helping customers unleash AI's full potential." Strategic Benefits of CoreWeave's Acquisition Operational Efficiency: CoreWeave expects to generate significant cost savings through streamlining business operations and eliminating lease overhead. Greater Financing Flexibility: CoreWeave can pursue infrastructure financing strategies to finance committed capital expenditures, reducing its overall cost of capital. Power Ownership and Optionality: CoreWeave will gain greater control over a critical power footprint and optionality for future power capacity. Expanded Expertise: Core Scientific's data center development capabilities complement and augment CoreWeave's extensive expertise in power procurement, construction, and site management for infrastructure assets. "As our longstanding partner, CoreWeave has experienced firsthand the operational excellence we deliver and the value of the services we provide," said Adam Sullivan, President and Chief Executive Officer of Core Scientific. "Together with CoreWeave, we will be well-positioned to accelerate the availability of world-class infrastructure for companies innovating with AI while delivering the greatest value for our shareholders, who will be able to participate in the tremendous upside potential of the combined company." Transaction DetailsThe transaction is expected to close in the fourth quarter of 2025, subject to customary closing conditions, including regulatory approval and approval by Core Scientific stockholders. Upon closing and under the terms of the agreement, which has been approved by the board of directors of each company, Core Scientific stockholders will receive 0.1235 newly issued shares of CoreWeave Class A common stock for each share of Core Scientific common stock held. As of July 3, 2025, the agreed-upon exchange ratio implies a total equity value of approximately $9.0 billion. This is calculated on a fully diluted basis and based on CoreWeave's 5-day VWAP. This represents a $20.40 per share value based on the closing price of CoreWeave Class A common stock as of July 3, 2025, and a premium of approximately 66% to the unaffected Core Scientific closing share price of $12.30 on June 25, 2025. The final value will be determined at the time of transaction close. Upon close, CoreWeave expects Core Scientific's stockholders' ownership of the combined company will be less than 10%. Financial Impact Immediate elimination of over $10 billion of cumulative future lease overhead to be paid for existing contractual sites over the next 12 years. Leverage neutral impact to CoreWeave while opening access to diverse financing sources at a more attractive cost of capital. Including the elimination of the lease overhead, this deal adds $500 million of estimated fully ramped, annual run rate cost savings by the end of 2027 through streamlined operational focus. Potential to repurpose toward HPC usage or divest crypto mining business over the medium-term horizon. (1) Represents ~840 existing gross MW power supporting CoreWeave's HPC contracts and ~500 gross MW crypto mining data center power capacity Investor CallCoreWeave will hold an investor call on July 7, 2025, at 8:45 AM ET. The conference call will be accessible through a live webcast via CoreWeave's investor relations page ( A replay of the call will also be available on CoreWeave's investor relations page. AdvisorsGoldman Sachs & Co. LLC is acting as financial advisor, and Davis Polk & Wardwell LLP and Kirkland & Ellis LLP are acting as legal counsel to CoreWeave. Moelis & Company LLC and PJT Partners LP are acting as financial advisors, and Wachtell Lipton Rosen & Katz is acting as legal counsel to Core Scientific. About CoreWeaveCoreWeave, the AI Hyperscaler™, delivers a cloud platform of cutting-edge software powering the next wave of AI. The company's technology provides enterprises and leading AI labs with cloud solutions for accelerated computing. Since 2017, CoreWeave has operated a growing footprint of data centers across the US and Europe. CoreWeave was ranked as one of the TIME100 most influential companies and featured on Forbes Cloud 100 ranking in 2024. Learn more at About Core ScientificCore Scientific is a leader in digital infrastructure for high-density colocation services and digital asset mining. We operate dedicated, purpose-built facilities for digital asset mining and are a premier provider of digital infrastructure, software solutions and services to our third-party customers. We employ our own large fleet of computers ("miners") to earn digital assets for our own account and to provide hosting services for large digital asset mining customers and we are in the process of allocating and converting a significant portion of our ten facilities in Alabama (1), Georgia (2), Kentucky (1), North Carolina (1), North Dakota (1), Oklahoma (1) and Texas (3) to support artificial intelligence-related workloads under a series of contracts that entail the modification of certain of our data centers to deliver next generation colocation services. We derive the majority of our revenue from earning digital assets for our own account ("self-mining"). To learn more, visit Important Information about the Transaction and Where to Find ItIn connection with the proposed transaction between CoreWeave, Inc. ("CoreWeave") and Core Scientific, Inc. ("Core Scientific"), CoreWeave and Core Scientific will file relevant materials with the U.S. Securities and Exchange Commission (the "SEC"), including a registration statement on Form S-4 filed by CoreWeave that will include a proxy statement of Core Scientific that also constitutes a prospectus of CoreWeave. A definitive proxy statement/prospectus will be mailed to stockholders of Core Scientific. This communication is not a substitute for the registration statement, proxy statement or prospectus or any other document that CoreWeave or Core Scientific (as applicable) may file with the SEC in connection with the proposed transaction. BEFORE MAKING ANY VOTING OR INVESTMENT DECISION, INVESTORS AND SECURITY HOLDERS OF COREWEAVE AND CORE SCIENTIFIC ARE URGED TO READ THE REGISTRATION STATEMENT, THE PROXY STATEMENT/PROSPECTUS AND ANY OTHER RELEVANT DOCUMENTS THAT ARE FILED OR WILL BE FILED WITH THE SEC, AS WELL AS ANY AMENDMENTS OR SUPPLEMENTS TO THESE DOCUMENTS, CAREFULLY AND IN THEIR ENTIRETY WHEN THEY BECOME AVAILABLE BECAUSE THEY CONTAIN OR WILL CONTAIN IMPORTANT INFORMATION ABOUT THE PROPOSED TRANSACTION AND RELATED MATTERS. Investors and security holders may obtain free copies of the registration statement and the proxy statement/prospectus (when they become available), as well as other filings containing important information about CoreWeave or Core Scientific, without charge at the SEC's Internet website ( Copies of the documents filed with the SEC by CoreWeave will be available free of charge on CoreWeave's internet website at or by contacting CoreWeave's investor relations contact at investor-relations@ Copies of the documents filed with the SEC by Core Scientific will be available free of charge on Core Scientific's internet website at The information included on, or accessible through, CoreWeave's or Core Scientific's website is not incorporated by reference into this communication. Participants in the SolicitationCoreWeave, Core Scientific, their respective directors and certain of their respective executive officers may be deemed to be participants in the solicitation of proxies in respect of the proposed transaction. Information about the directors and executive officers of Core Scientific is set forth in its proxy statement for its 2025 annual meeting of stockholders, which was filed with the SEC on March 28, 2025 (and which is available at in its Form 10-K for the fiscal year ended December 31, 2024, which was filed with the SEC on February 27, 2025 (and which is available at and in its Form 8-K, which was filed with the SEC on May 16, 2025 (and which is available at Information about the directors and executive officers of CoreWeave is set forth in CoreWeave's Prospectus dated March 27, 2025, which was filed with the SEC on March 31, 2025 pursuant to Rule 424(b) under the Securities Act of 1933, as amended, relating to the Registration Statement on Form S-1, as amended (File No. 333-285512) (and which is available at These documents can be obtained free of charge from the sources indicated above. Additional information regarding the participants in the proxy solicitations and a description of their direct or indirect interests, by security holdings or otherwise, will be contained in the proxy statement/prospectus and other relevant materials filed with the SEC when they become available. No Offer or SolicitationThis communication is for informational purposes only and is not intended to, and shall not, constitute an offer to sell or the solicitation of an offer to buy any securities or a solicitation of any vote or approval, nor shall there be any offer, solicitation or sale of securities in any jurisdiction in which such offer, solicitation or sale would be unlawful prior to registration or qualification under the securities laws of any such jurisdiction. No offering of securities shall be made except by means of a prospectus meeting the requirements of Section 10 of the U.S. Securities Act of 1933, as amended. Forward-Looking StatementsThis communication contains "forward-looking statements" within the meaning of the federal securities laws, including Section 27A of the Securities Act of 1933, as amended, and Section 21E of the Securities Exchange Act of 1934, as amended. In this context, forward-looking statements often address future business and financial events, conditions, expectations, plans or ambitions, and often contain words such as "expect," "anticipate," "intend," "plan," "believe," "seek," "see," "will," "would," "target," similar expressions, and variations or negatives of these words, but not all forward-looking statements include such words. Forward-looking statements by their nature address matters that are, to different degrees, uncertain, such as statements about the consummation of the proposed transaction and the anticipated benefits thereof. All such forward-looking statements are based upon current plans, estimates, expectations and ambitions that are subject to risks, uncertainties and assumptions, many of which are beyond the control of CoreWeave and Core Scientific, that could cause actual results to differ materially from those expressed in such forward-looking statements. Important risk factors that may cause such a difference include, but are not limited to: the completion of the proposed transaction on anticipated terms, or at all, and timing of completion, including obtaining regulatory approvals that may be required on anticipated terms and Core Scientific stockholder approval for the proposed transaction; anticipated tax treatment, unforeseen liabilities, future capital expenditures, revenues, expenses, earnings, synergies, economic performance, indebtedness, financial condition, losses, future prospects, business and management strategies for the management, expansion and growth of the combined company's operations and other conditions to the completion of the proposed transaction, including the possibility that any of the anticipated benefits of the proposed transaction will not be realized or will not be realized within the expected time period; the ability of CoreWeave and Core Scientific to integrate their businesses successfully and to achieve anticipated synergies and value creation; potential litigation relating to the proposed transaction that could be instituted against CoreWeave, Core Scientific or their respective directors and officers; the risk that disruptions from the proposed transaction will harm CoreWeave's or Core Scientific's business, including current plans and operations and that management's time and attention will be diverted on transaction-related issues; potential adverse reactions or changes to business relationships resulting from the announcement or completion of the proposed transaction; rating agency actions and CoreWeave's and Core Scientific's ability to access short- and long-term debt markets on a timely and affordable basis; legislative, regulatory and economic developments and actions targeting public companies in the artificial intelligence, power, data center and crypto mining industries and changes in local, national or international laws, regulations and policies affecting CoreWeave and Core Scientific; potential business uncertainty, including the outcome of commercial negotiations and changes to existing business relationships during the pendency of the proposed transaction that could affect CoreWeave's and/or Core Scientific's financial performance and operating results; certain restrictions during the pendency of the proposed transaction that may impact Core Scientific's ability to pursue certain business opportunities or strategic transactions or otherwise operate its business; acts of terrorism or outbreak of war, hostilities, civil unrest, attacks against CoreWeave or Core Scientific and other political or security disturbances; dilution caused by CoreWeave's issuance of additional shares of its securities in connection with the proposed transaction; the possibility that the transaction may be more expensive to complete than anticipated, including as a result of unexpected factors or events; the impacts of pandemics or other public health crises, including the effects of government responses on people and economies; global or regional changes in the supply and demand for power and other market or economic conditions that impact demand and pricing; changes in technical or operating conditions, including unforeseen technical difficulties; development delays at CoreWeave and/or Core Scientific data center sites, including any delays in the conversion of such sites from crypto mining facilities to high-performance computing sites; those risks described in the section titled "Risk Factors" in CoreWeave's Prospectus dated March 27, 2025, filed with the SEC on March 31, 2025 pursuant to Rule 424(b) under the Securities Act of 1933, as amended, relating to the Registration Statement on Form S-1, as amended (File No. 333-285512), Item 1A of CoreWeave's Quarterly Report on Form 10-Q for the quarterly period ended March 31, 2025, filed with the SEC on May 15, 2025 and subsequent reports on Forms 10-Q and 8-K; those risks described in Item 1A of Core Scientific's Quarterly Report on Form 10-Q for the quarterly period ended March 31, 2025, filed with the SEC on May 7, 2025, Item 1A of Core Scientific's Annual Report on Form 10-K for the fiscal year ended December 31, 2024, filed with the SEC on February 27, 2025 and subsequent reports on Forms 10-Q and 8-K; and those risks that will be described in the registration statement on Form S-4 and accompanying prospectus, available from the sources indicated above. These risks, as well as other risks associated with the proposed transaction, will be more fully discussed in the proxy statement/prospectus that will be included in the registration statement on Form S-4 that will be filed with the SEC in connection with the proposed transaction. While the list of factors presented here is, and the list of factors to be presented in the registration statement on Form S-4 will be, considered representative, no such list should be considered to be a complete statement of all potential risks and uncertainties. Unlisted factors may present significant additional obstacles to the realization of forward-looking statements. You should not place undue reliance on any of these forward-looking statements as they are not guarantees of future performance or outcomes; actual performance and outcomes, including, without limitation, CoreWeave's or Core Scientific's actual results of operations, financial condition and liquidity, and the development of new markets or market segments in which CoreWeave or Core Scientific operate, may differ materially from those made in or suggested by the forward-looking statements contained in this communication. Neither CoreWeave nor Core Scientific assumes any obligation to publicly provide revisions or updates to any forward-looking statements, whether as a result of new information, future developments or otherwise, should circumstances change, except as otherwise required by securities and other applicable laws. Neither future distribution of this communication nor the continued availability of this communication in archive form on CoreWeave's or Core Scientific's website should be deemed to constitute an update or re-affirmation of these statements as of any future date. View source version on Contacts CoreWeave Media Contact: Press@ CoreWeave Investor Relations: Investor-Relations@ Core Scientific Media Contact: Joseph Sala / Mahmoud SiddigJoele Frank, Wilkinson Brimmer Katcher212-355-4449Core Scientific Investor Relations: ir@ Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data
Yahoo
30 minutes ago
- Yahoo
CoreWeave, Core Scientific shares sink after companies confirm $9 billion deal amid AI datacenter boom
AI cloud computing giant CoreWeave (CRWV) said Monday it would acquire data center provider Core Scientific (CORZ) in an all-stock transaction valued at $9 billion. The deal will see Core Scientific investors granted 0.1235 shares of CoreWeave for each share of Core Scientific. Shares of both companies fell sharply following the announcement, with CoreWeave stock falling 4.5% and Core Scientific shares dropping as much as 20%. Core Scientific shares had gained about 50% since The Wall Street Journal first reported a deal was in the works in late June. The deal, which is set to be completed in Q4, will expand CoreWeave's capabilities to support large-scale AI development by bringing in a potential two gigawatts or more of power capacity in-house through Core Scientific's nation-wide data center infrastructure, the company said in a release. CoreWeave added the move will expand its vertical expansion across the AI supply chain, adding energy infrastructure that provides runway for the significant power demands of AI cloud computing technology. "Verticalizing the ownership of Core Scientific's high-performance data center infrastructure enables CoreWeave to significantly enhance operating efficiency and de-risk our future expansion, solidifying our growth trajectory," CoreWeave CEO and chairman Michael Intrator said in a release. The deal is also set to eliminate $10 billion or more in future overhead from leasing costs for sites CoreWeave currently contracts from Core Scientific while bringing in approximately $1.6 billion in assets, CoreWeave said in an investor presentation outline deal specifics. CoreWeave predicts the deal will be leverage-neutral for its balance sheet. CoreWeave went public earlier this year in one of the year's highest-profile IPOs, marking a rebound for new deals defined by some of the biggest companies going public garnering the most support from investors. The company now sports a market cap north of $75 billion; the company was valued at closer to $20 billion in its last private fundraising round. Sign in to access your portfolio
