vulnerability

Critical Linux bug opens systems to compromise
Researchers from the Polytechnic University of Valencia have discovered a critical flaw that can allow attackers – both local and remote – to obtain root shell on …

Key causes of network outages and vulnerabilities
A new global study, conducted by Dimensional Research, surveyed 315 network professionals about their experiences with network outages, vulnerabilities and compliance. How …

Compromised: 339 million AdultFriendFinder users
Friend Finder Networks, the company that operates sites like Adultfriendfinder.com (“World’s largest sex & swinger community”), and Cams.com …

OAuth2.0 implementation flaw allows attackers to pop Android users’ accounts
Incorrect OAuth2.0 implementation by third party mobile app developers has opened users of those apps to account compromise, three researchers from the Chinese University of …

Tech support scammers use old bug to freeze browsers
Tech support scammers are exploiting a bug that maxes out users’ CPU and memory capability and effectively freezes the browser and possibly the computer, in an attempt …

Exposing voting machine vulnerabilities
Cylance announced the successful exploitation of critical vulnerabilities in a common model of voting machine. The exploitation of these vulnerabilities was previously thought …

GitLab plugs critical flaw in its code repository manager software
GitLab (the company) has pushed out security updates for both the Community Edition (CE) and Enterprise Edition (EE) of the GitLab software, fixing a critical security flaw in …

Cisco plugs critical hole in Prime Home management platform
Cisco has released nine security alerts on Wednesday, and among these are two for critical vulnerabilities in its ASR 900 Series routers and the Cisco Prime Home management …

65% of Windows devices still running Windows 7, released in 2009
To analyze the current state of device security, Duo Security analyzed more than two million devices, 63 percent of which were running Microsoft operating systems. Seriously …

Google warns of actively exploited Windows zero-day
Google has disclosed to the public the existence of a Windows zero-day vulnerability (CVE-2016-7255) that is being actively exploited in the wild. According to Neel Mehta and …

Most unpatched Joomla sites compromised in latest wave of attacks
If you run a Joomla-based website and you haven’t implemented the latest security release of the CMS, your site has been almost surely compromised. According to Sucuri …

New code injection attack works on all Windows versions
Researchers from security outfit enSilo have uncovered a new code injection technique that can be leveraged against all Windows versions without triggering current security …
Featured news
Resources
Don't miss
- Attackers exploited old flaws to breach SonicWall SMA appliances (CVE-2024-38475, CVE-2023-44221)
- New Microsoft accounts will be “passwordless by default”
- Why SMEs can no longer afford to ignore cyber risk
- Preparing for the next wave of machine identity growth
- Hottest cybersecurity open-source tools of the month: April 2025