A dangerous vulnerability has been discovered in one of the standard Windows 11 applications that could lead to the disclosure of sensitive information to the user. Moreover, at the moment the vulnerability is not closed and attackers can use it.

We are talking about the application Snipping Tool (Scissors). The vulnerability, called aCropalypse, allows you to undo changes made by a user when editing a screenshot, including cropped or blurred parts that hide sensitive data.

When you edit a screenshot, you can save it with the same name as the original file by overwriting it. However, as it turns out, the Windows 11 Snipping Tool does not remove the original information from the file, but simply leaves it added at the end, which is usually invisible to users. With some trickery, a potential attacker can extract hidden information from a file and see what information has been edited.

As you can see, edited screenshots are usually much larger due to the inclusion of information from the original image.

This is a pretty serious vulnerability. For example, if you share a screenshot of an order confirmation page on Amazon, it may contain an address, the same goes for credit card numbers and other sensitive data.

The WhatsApp team announced the launch of new features that improve the experience of groups for both administrators and ordinary users. As noted in the press service, managing and navigating through groups will become easier.

Admins have new controls to control privacy in groups. Now admins will be able to accept or reject requests to join a group through an invite link or directly from the community.

For ordinary users, it became possible to easily view common groups. You can now find shared groups by contact name. This is convenient, for example, if the user needs to check which group an acquaintance belongs to with him.

The new features have begun rolling out and will be available to all WhatsApp users in the coming weeks.

Google has begun testing a useful innovation for its proprietary browser. In an early test build of Chrome, an option was made available to quickly disable all extensions without switching to incognito mode.

This is especially useful in cases where one of the extensions breaks the website or causes unwanted behavior on the website. Previously, in such cases, it was possible to open a tab in Incognito mode, instead of disabling each potentially problematic extension in sequence.

Now, with one click, you can activate the switch and disable all active extensions for this website at once. The new toggle is available to all Chrome Canary 113 users under the Extensions menu.

In its current implementation, the user would also have to manually refresh the page to load the site without extensions. However, in a future version, Chrome will offer to reload the page automatically.