vulnerability
Critical Samba code execution hole plugged, patch ASAP!
The developers of Samba have plugged a critical remote code execution flaw that could allow a malicious client to upload a shared library to a writable share, and then cause …
Samsung Galaxy S8 iris scanner can be fooled with a printed photo
After demonstrating how easily Apple’s Touch ID can be fooled with a user fingerprint photographed from a glass surface, Chaos Computer Club (CCC) hacker …
Hackers can use subtitles to take over millions of devices running VLC, Kodi, Popcorn Time and Stremio
Check Point researchers revealed a new attack vector threatening millions of users of popular media players, including VLC, Kodi (XBMC), Popcorn Time and Stremio. By crafting …
SCADA systems plagued by insecure development and slow patching
“Behind most modern conveniences, there exists a SCADA system somewhere that controls them,” Trend Micro researchers pointed out in a new report that delves in the …
Who’s responsible for fixing SS7 security issues?
The WannaCry ransomware onslaught has overshadowed some of the other notable happenings this month, including the spectacular Google-themed phishing/spamming attack, and the …
Joomla users: Update immediately to kill severe SQLi vulnerability
Version 3.7 of Joomla, pushed out less than a month ago, opens websites to SQL injection attacks, Sucury Security researchers have found. As explained by researcher …
Who are we kidding? WannaCry is not a first
On Friday, May 12, 2017, the world was alarmed to discover that cybercrime has reached a new record, in a widespread ransomware attack dubbed WannaCry that is believed to have …
Apple issues security updates for macOS, iDevices
It’s time to patch your Mac, iDevices and software again: Apple has released security updates for MacOS (all the way back to Yosemite), iOS, watchOS, tvOS, iTunes, …
Stealing Windows credentials using Google Chrome
Attacks that leak authentication credentials using the SMB file sharing protocol on Windows OS are an ever-present issue, exploited in various ways but usually limited to …
HP pushes out fix for keylogging audio driver in its laptops
Swiss security consultancy Modzero revealed on Thursday that a number of HP laptops contain an audio driver that logs users’ keystrokes and stores them in an unencrypted …
40 Asus RT routers open to attack through web interface vulnerabilities
If you own an Asus RT wireless router, and you haven’t updated its firmware for a while, now is the time to do it. Researchers from Nightwatch Cybersecurity have …
Defeating Magento security mechanisms: Attacks used in the real world
DefenseCode recently discovered and reported multiple stored cross-site scripting and cross-site request forgery vulnerabilities in Magento 1 and 2 which will be addressed in …
Featured news
Resources
Don't miss
- The architecture of subtraction: Why it’s time to erase the roads, not just map the traffic
- Treating AI agents like service accounts for federated query security
- Malware ships with bugs that defenders could use against it
- Qilin ransomware affiliate exploited Check Point VPN zero-day (CVE-2026-50751)
- CISA: Patch actively exploited SolarWinds Serv-U DoS vulnerability (CVE-2026-28318)