Oracle plugs a host of critical Java vulnerabilities
Oracle’s Java SE Critical Patch Update for April 2013 contains 19 CVEs with CVSS base score of 10 (the highest you can go) indicating that exploiting the vulnerability …
Security firm publishes details about Java issue, asks for second opinion
Making good on their promise, Security Exploration has published technical details about a Java issue that they consider to be a security vulnerability, but Oracle has …
MiniDuke does not come only via email
Researchers from Kaspersky and CrySyS Lab continue to analyze the MiniDuke backdoor and have discovered two previously unknown infection mechanisms. Recently discovered to …
Malicious Java applet uses stolen certificate to run automatically
A signed but malicious applet that will apparently fool even the latest Java 6 update has been discovered on a German online dictionary website infected by the g01pack exploit …
Oracle releases emergency patch to fix exploited Java flaw
Oracle has released an out-of-band Java patch to fix the CVE-2013-1493 vulnerability that is currently being exploited in attacks in the wild. The security alert accompanying …
Dangerous beans: Oracle deep in the storm
Last week security researchers from FireEye discovered a new Java exploit that works against the latest versions of Java (version 6 update 41 and version 7 updated 15) making …
Oracle, Apple release critical updates for Java
Oracle has released on Tuesday a new Java SE Critical Patch Update. “This Critical Patch Update includes all fixes provided in the Oracle Java SE Critical Patch Update …
Oracle releases MySQL 5.6
Oracle today announced MySQL 5.6, the world’s most popular open source database. With increased performance, scalability, reliability and manageability, MySQL 5.6 helps …
Oracle rushes out emergency Java patch
If you’re still among the users who haven’t disabled Java in their browsers or on their computer, be advised that Oracle has released a critical patch update for …
Watering hole campaign targeting “Reporters without Borders” visitors
Watering hole attacks continue unabated and, according to Avast’s Director of Threat Intelligence Jindrich Kubec, the finger could be safely pointed to China once again. …
Newest Java update doesn’t fix fresh critical vulnerabilities
Another week, another zero-day threatening millions of Java users. As you might remember, last week Oracle released Java 7 Update 11, which patched the zero-day vulnerability …
Oracle delivers 86 security fixes
Oracle has had two major updates in the last 2 days. On Sunday, Jan. 13 a new version of Java 7 was released that addresses the 0-day vulnerability that has been exploited in …
Featured news
Resources
Don't miss
- The AI safety conversation is focused on the wrong layer
- Critical NetScaler ADC, Gateway flaw may soon be exploited (CVE-2026-3055)
- GitHub-hosted malware campaign uses split payload to evade detection
- Measuring security performance in real-time, not once a quarter
- Attackers are handing off access in 22 seconds, Mandiant finds