vulnerability

Almost all Android users vulnerable to Accessibility Clickjacking attacks
Symantec researchers recently posited that Android banking malware with screen overlay capabilities might soon start tricking users into turning on Android’s Accessibility …

Bug in Symantec’s anti-virus engine can lead to system compromise
Google Project Zero researcher Tavis Ormandy has unearthed a critical remote code execution vulnerability in the anti-virus engine powering Symantec’s endpoint security …

Latest Flash 0day exploit delivered via booby-trapped Office file
Four days have passed since Adobe patched the latest Flash Player 0day vulnerability exploited in attacks in the wild and, in the meantime, we have been given more details …

Mozilla fights in court to get info about potential Firefox flaw
Mozilla has asked a Washington State District Court to compel FBI investigators to provide details about a vulnerability in the Tor Browser with them before they share it with …

SAP vulnerability exploited to compromise enterprises worldwide
A SAP vulnerability, patched over five years ago, is being leveraged to exploit SAP systems of many large-scale global enterprises, US-CERT warns. At least 36 organizations in …

Internet of Fail: How modern devices expose our lives
Should you sync your family’s calendar to your refrigerator or have it display photos? Samsung believes you should. They also think you need cameras that display the …

Web servers and sites under attack via ImageMagick zero-day flaw
A zero-day remote code execution flaw has been found in ImageMagick, an image processing library that allows image uploads from untrusted users (site visitors) and is widely …

Samsung’s smart home platform flaws let attackers fiddle with your doors
Researchers have managed to exploit design flaws in the Samsung SmartThings smart home programming platform and successfully mount a series of attacks that could result in …

Facebook vulnerability allowed access to personal and payment information
Bitdefender has discovered a significant vulnerability within Facebook which allowed access to any user account through simple social login manipulation. The attacker was able …

Shopware update fixes RCE bug that affects both shop and target system
Shopware, an open-source e-commerce software chosen by a number of big European companies to power their online shops, has recently pushed out a critical security update. The …

Critical flaws in HP Data Protector open servers to remote attacks
Hewlett Packard has released critical security updates for its HP Data Protector software, which fix vulnerabilities that could allow remote code execution or unauthorized …

Flaw allows eavesdropping and tracking of mobile phone users
German hacker Karsten Nohl has demonstrated to the crew of CBS News’ 60 Minutes program how easy it can be for well-resourced attackers to eavesdrop on the phone calls …
Featured news
Resources
Don't miss
- Attackers exploited old flaws to breach SonicWall SMA appliances (CVE-2024-38475, CVE-2023-44221)
- New Microsoft accounts will be “passwordless by default”
- Why SMEs can no longer afford to ignore cyber risk
- Preparing for the next wave of machine identity growth
- Hottest cybersecurity open-source tools of the month: April 2025