News
Google Chrome Exploit Results In Attack On Lebanese Journalists
According to antivirus company Avast, there is evidence that an Israeli spyware firm called Candiru used a vulnerability in Google Chrome to spy on journalists in Lebanon.
In early July 2022, Google patched a previously unknown vulnerability in its Chrome browser, known as CVE-2022-2294. The zero-day Chrome exploit only came to light after it was apparently used to spy on journalists in Lebanon.
Antivirus company, Avast, collated a report, which it delivered to Google detailing the zero-day exploit. In this report, Avast claims that Israeli spyware firm, Candiru, used the exploit to install spyware on the journalist’s computers.
It equally believes that the firm has used similar exploits to target Avast users in Turkey, Lebanon, Palestine and Yemen beginning in March of this year.
A zero-day exploit is, in short, a vulnerability in a piece of software that is unknown to the developers. They are typically discovered in the wild for this reason, and are known as zero-day because the developers have zero days in which to address the issue. This is because the vulnerability has the potential to cause damage from the moment it is discovered.
Avast alleges that Candiru used the above-mentioned exploit to gain access to user’s computers. It is believed to have compromised a website, which it used to redirect users to a server that could collect their data. If the data – collected on 50 data points such as location, language, time zone, etc. – met their requirements, the server would establish an encrypted channel.
Despite not claiming responsibility, Candiru is the prime suspect in the attack because the CVE-2022-2294 exploit was used to install the DevilsTongue spyware. This is a piece of malware previously linked to the group by Microsoft in a separate string of attacks.
In its report, Avast claims that the zero-day exploit was used alongside another vulnerability capable of bypassing the sandbox security function in Chromium. However, Avast has (as yet) been unable to determine the second exploit used by the alleged attackers.
Also Read: DDoS Attacks Are A Growing Threat In Gaming
Luckily, Google released a patch for the exploit on July 4. As such, there is no need for Chrome users to be concerned, providing browsers are kept up to date. Microsoft and Apple have released patches for their Edge and Safari browsers, too, as they also use WebRTC.
Candiru has not yet been officially connected to the incident, so its involvement is currently (albeit well-informed) speculation. However, the tools used and computers targeted matches its previous spyware attempts dating from 2021 and early 2022. As the company has no public online presence, this fact is unlikely to change anytime soon.
News
OpenAI’s ChatGPT Health Is A Private Space For Health Data
A new health mode lets the popular AI platform tap medical records and fitness apps while walling off sensitive information.
OpenAI has created ChatGPT Health, a separate space inside its chatbot platform for handling medical and wellness data. The opt-in feature starts with a small US cohort before widening out.
Health-related questions have long driven traffic to AI tools. OpenAI says over 230 million people ask ChatGPT about health or insurance each week. The new mode adds personal context to that behavior but stops short of diagnosis or treatment advice.
Users can connect records from participating US providers through b.well and link apps such as Apple Health, MyFitnessPal, Function and Weight Watchers. Some links are US-only, while Apple Health needs iOS. Once connected, ChatGPT can surface patterns in labs, summarize information ahead of a clinic visit or help map diet and exercise choices against past data.
The data sits apart from other chat information. Health has its own memories and does not spill into other conversations. Users can view or delete health memories at any time. OpenAI says this material is not used to train its models.
Security is much heavier in this section too. Health adds isolation and purpose-built encryption on top of the platform’s baseline protections. App connections require explicit permission, and disconnecting cuts the feed immediately.
“ChatGPT Health is another step toward turning ChatGPT into a personal super-assistant that can support you with information and tools to achieve your goals across any part of your life,” wrote Fidji Simo, OpenAI’s applications chief.
Also Read: Deliverect Rolls Out Self-Order Kiosks Across MENA
Physicians had input during development, though OpenAI has not detailed how that shaped the end product. The launch follows Health Bench, a dataset released in May to test models on realistic medical cases.
While currently rooted in the US healthcare ecosystem, the approach may draw interest in the Gulf and wider MENA markets as governments push digital health records and patient portals under modernization programs. Adoption will depend on whether users trust an AI assistant with such personal material and whether it fits clinical routines.
For OpenAI, the move marks a cautious step into regulated terrain and signals a shift toward sector-specific uses of generative AI.
OpenAI’s ChatGPT Health Is A Private Space For Health Data
Deliverect Rolls Out Self-Order Kiosks Across MENA
Emirates Post Issues Stamp Set Celebrating AI In UAE Schools
Belkin Launches Wireless HDMI Adapter With 131-Foot Range
LEGO Unveils Smart Brick Platform At CES 2026
Clicks Bets On Physical Keyboards With CES 2026 Launch
Samsung Galaxy S26 Ultra Leaks Point To February 2026 Reveal
Syria Rolls Out First National Tourism Discount Card
Riyadh Air And Huawei Partnership To Shape Future Of Air Travel
