vulnerability
Persistent XSS flaw in SharePoint 2013 revealed, patched
Among the vulnerabilities patched earlier this month by Microsoft is an important one that endangers users of Microsoft SharePoint 2013, a web application platform in the …
Android 5 bug allows attackers to easily unlock password-protected devices
If you own a mobile device running any Android 5 version but the very last (v5.1.1) and you use a password to lock your device, you will want to update your OS or switch to a …
Researchers find backdoor bug in NASA rovers’ real-time OS
A critical, remotely exploitable vulnerability in VxWorks, the world’s most popular real-time operating system (RTOS), can be exploited by attackers to gain backdoor …
FireEye legally censors crucial parts of a researcher’s talk at 44CON
Felix Wilhelm, a researcher with German security firm ERNW, was scheduled to give a talk at 44CON on Thursday about the critical vulnerabilities he and his colleagues found in …
Attack code for critical Android Stagefright flaw published
After having graciously waited for quite a while to publish the exploit for the Android Stagefright vulnerability (CVE-2015-1538) so that Google, mobile carriers and device …
Zero-day bugs in Kaspersky and FireEye products found, exploits disclosed
A slew of vulnerabilities – some already patched and some still not – have been revealed to affect several security offerings by some of the most trusted names in …
Vulnerabilities in WhatsApp Web affect 200 million users globally
Significant vulnerabilities can exploit WhatsApp Web, the web-based extension of the popular WhatsApp application for phones.The exploit can allow attackers to trick victims …
Seagate wireless hard drives open wide to attack
Several Seagate wireless hard-drives have been found to be affected by multiple vulnerabilities, the CERT Coordination Center of the Software Engineering Institute at Carnegie …
Hacker had access to sensitive info about Firefox bugs for over a year
Mozilla has announced on Friday that an attacker managed to access security-sensitive information about a considerable number of (at the time) unpatched Firefox …
Cisco squashes DoS bug in its unified infrastructure software
Cisco has released a patch for a serious remotely exploitable vulnerability affecting its Integrated Management Controller (IMC) Supervisor and Cisco UCS Director …
PayPal stored XSS vulnerability exposed
Bitdefender researchers have located a stored XSS vulnerability in PayPal that leaves the e-payment service open for hackers to upload maliciously crafted files, capable of …
Vulnerable gambling apps put corporate data at risk
Based on an analysis of hundreds of thousands of scans of mobile apps installed in actual corporate environments, Veracode found that the average global enterprise has …
Featured news
Resources
Don't miss
- Attackers exploited old flaws to breach SonicWall SMA appliances (CVE-2024-38475, CVE-2023-44221)
- New Microsoft accounts will be “passwordless by default”
- Why SMEs can no longer afford to ignore cyber risk
- Preparing for the next wave of machine identity growth
- Hottest cybersecurity open-source tools of the month: April 2025