During normal browsing on YouTubeYouTube is an American video-sharing website headquartered in San Bruno, California. Three former Pa... More, at some point, the antivirus AvastAvast Software s.r.o. is a Czech multinational cybersecurity software company headquartered in Pragu... More reported something that was not good.
From the Chrome Inspector it appears that one of the ads is infected and tries to load a crypto miner from Coinhive
Everything has been reported to Google, now I await the answer.
What is a XSS attack?
Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications. XSS enables attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to bypass access controls such as the same-origin policy.
If you use Thunderbird and plugins like Enigmail you have the option to import all PGP keysPretty Good Privacy (PGP) encryption program provides cryptographic privacy and authentication for d... More related to email addresses that are present in your address book.
First of all you need is to specify a key serverIn computer security, a key server is a computer that receives and then serves existing cryptographi... More, like pgp.mit.edu, then the plugin, for every single email address, will look for corresponding PGP key and will prompt you if you want to import results.
But, some times, the key is not what you’ll expect.
Some entries contains invalid data, and to be more specific, can contain malicious code.
Keep your eyes open, and avoid mass import of PGP keysPretty Good Privacy (PGP) encryption program provides cryptographic privacy and authentication for d... More.