
Critical flaw opens Netgear routers to hijacking
Several Netgear router models can be easily hijacked by remote, unauthenticated attackers, CERT/CC has warned on Friday. The vulnerability that allows this takeover can be …

Actively exploited Firefox, Tor Browser 0-day patched, update now!
Mozilla and the Tor Project have released security updates that fix the Firefox 0-day flaw that was spotted being exploited to de-anonymize Tor Browser users. It is still …

Firefox 0-day exploited in the wild to unmask Tor users
An anonymous user of the SIGAINT darknet email service has revealed the existence of a JavaScript exploit that is apparently being actively used to de-anonymize Tor Browser …

Researchers identify domain-level service credential exploit
CyberArk Labs unveiled new research detailing what it considers to be a significant risk across all Windows endpoints, including those on Windows 10 with Credential Guard …

Critical Linux bug opens systems to compromise
Researchers from the Polytechnic University of Valencia have discovered a critical flaw that can allow attackers – both local and remote – to obtain root shell on …

Pawn Storm raced to pop many targets before Windows zero-day patch release
As promised, Microsoft provided this Tuesday a patch for the Windows zero-day (CVE-2016-7855) actively exploited by the Strontium (aka Pawn Storm) cyber espionage hacking …

OAuth2.0 implementation flaw allows attackers to pop Android users’ accounts
Incorrect OAuth2.0 implementation by third party mobile app developers has opened users of those apps to account compromise, three researchers from the Chinese University of …

Tech support scammers use old bug to freeze browsers
Tech support scammers are exploiting a bug that maxes out users’ CPU and memory capability and effectively freezes the browser and possibly the computer, in an attempt …

Latest Windows zero-day exploited by DNC hackers
Due to Google’s public release of information about an actively exploited Windows zero-day, Microsoft was forced to offer its own view of things and more information …

Most unpatched Joomla sites compromised in latest wave of attacks
If you run a Joomla-based website and you haven’t implemented the latest security release of the CMS, your site has been almost surely compromised. According to Sucuri …

Dirty COW Linux kernel zero-day exploited in the wild is now patched
Linux developer Phil Oester has spotted attackers exploiting a Linux kernel zero-day privilege escalation flaw that dates back to 2007, and has raised the alarm. The …

Researchers bypass ASLR by exploiting flaw in Intel chip
Researchers have found a design flaw in the branch predictor, a component of Intel’s Haswell processor, and have exploited it to bypass ASLR (Address Space Layout …
Featured news
Resources
Don't miss
- Millions of Android devices roped into Badbox 2.0 botnet. Is yours among them?
- June 2025 Patch Tuesday forecast: Second time is the charm?
- Why IAM should be the starting point for AI-driven cybersecurity
- Protecting patient data starts with knowing where it’s stored
- Ransomware and USB attacks are hammering OT systems