Microsoft issued Fix it for actively exploited IE 0-day
Microsoft has yesterday unexpectedly released a security advisory warning users about instances of active exploitation of a vulnerability found in all supported versions of …
Attacks targeting unsupported Java 6 are on the rise
As predicted at the end of 2012 and proved by the ever expanding use of exploit kits, vulnerabilities in popular and widespread software such as Java and Adobe’s Acrobat …
Shielding targeted applications
When we discuss exploit prevention, we often talk about “targeted applications.’ This term refers to end-user applications which can be exploited by hackers for …
Where RFI attacks fall in the security threat landscape
New research from Incapsula yielded a few interesting facts about RFI attacks. The data for the report was collected by monitoring billions of web sessions over a 6-month …
Joomla exploit doing rounds, users advised to update
Users who run their sites own sites and use the Joomla CMS but haven’t updated it in a while should do so immediately if they don’t want to see their sites …
Tor users targeted with spyware following anonymous Web-host shutdown
The news that the alleged owner of Freedom Hosting, the internet host for a great number of Tor hidden services, has been arrested and is accused of distributing and promoting …
McAfee ePolicy Orchestrator exploitation tool
US-CERT’s latest advisory focuses on an exploit tool for McAfee ePolicy Orchestrator. The tool targets two vulnerabilities found in ePO versions 4.6.5 and earlier. In …
POC code for critical Android bug published
Last week, researchers from Bluebox Security have made a disconcerting revelation: Google’s Android mobile OS carries a critical bug that allows attackers to modify the …
Malwarebytes acquires ZeroVulnerabilityLabs
Malwarebytes, a provider of anti-malware software, announced the acquisition of ZeroVulnerabilityLabs, a vulnerability, exploit and security research and development firm …
F-Secure advances fight against exploits
Exploitation of software vulnerabilities has become one of the most popular ways to gain access to users’ machines, but F-Secure is reinforcing its exploit defenses with …
Rogue employees, malware exploits and unauthorized software
While IT security professionals recognize the threat posed by unwitting employees, many still admit to allowing administrative privileges to go unmanaged, making organizations …
Google researcher publishes Windows 0-day exploit
Less than two weeks after Google researcher Tavis Ormandy released information about a new Windows zero-day vulnerability on the Full Disclosure mailing list and asked for …
Featured news
Resources
Don't miss
- Threat actors are scanning your environment, even if you’re not
- GoSearch: Open-source OSINT tool for uncovering digital footprints
- Rack Ruby vulnerability could reveal secrets to attackers (CVE-2025-27610)
- Top must-visit companies at RSAC 2025
- Critical Commvault RCE vulnerability fixed, PoC available (CVE-2025-34028)