vulnerability
Researchers find backdoor bug in NASA rovers’ real-time OS
A critical, remotely exploitable vulnerability in VxWorks, the world’s most popular real-time operating system (RTOS), can be exploited by attackers to gain backdoor …
FireEye legally censors crucial parts of a researcher’s talk at 44CON
Felix Wilhelm, a researcher with German security firm ERNW, was scheduled to give a talk at 44CON on Thursday about the critical vulnerabilities he and his colleagues found in …
Attack code for critical Android Stagefright flaw published
After having graciously waited for quite a while to publish the exploit for the Android Stagefright vulnerability (CVE-2015-1538) so that Google, mobile carriers and device …
Zero-day bugs in Kaspersky and FireEye products found, exploits disclosed
A slew of vulnerabilities – some already patched and some still not – have been revealed to affect several security offerings by some of the most trusted names in …
Vulnerabilities in WhatsApp Web affect 200 million users globally
Significant vulnerabilities can exploit WhatsApp Web, the web-based extension of the popular WhatsApp application for phones.The exploit can allow attackers to trick victims …
Seagate wireless hard drives open wide to attack
Several Seagate wireless hard-drives have been found to be affected by multiple vulnerabilities, the CERT Coordination Center of the Software Engineering Institute at Carnegie …
Hacker had access to sensitive info about Firefox bugs for over a year
Mozilla has announced on Friday that an attacker managed to access security-sensitive information about a considerable number of (at the time) unpatched Firefox …
Cisco squashes DoS bug in its unified infrastructure software
Cisco has released a patch for a serious remotely exploitable vulnerability affecting its Integrated Management Controller (IMC) Supervisor and Cisco UCS Director …
PayPal stored XSS vulnerability exposed
Bitdefender researchers have located a stored XSS vulnerability in PayPal that leaves the e-payment service open for hackers to upload maliciously crafted files, capable of …
Vulnerable gambling apps put corporate data at risk
Based on an analysis of hundreds of thousands of scans of mobile apps installed in actual corporate environments, Veracode found that the average global enterprise has …
Popular Android AppLock app full of gaping security holes
AppLock, by DoMobile, is a very popular Android app for limiting access to certain content on the device (text messages, photos, videos, etc.). The user decides what content …
JetAudio and JetVideo media player vulnerability allows arbitrary code execution
An arbitrary code execution in the JetAudio Basic (v8.1.3) and JetVideo media players for Windows allows potential attackers to craft a malicious .asf file that could …
Featured news
Resources
Don't miss
- Chinese cyber spies are using Ivanti EPMM flaws to breach EU, US organizations
- TikTok videos + ClickFix tactic = Malware infection
- DanaBot botnet disrupted, QakBot leader indicted
- Is privacy becoming a luxury? A candid look at consumer data use
- Unpatched Windows Server vulnerability allows full domain compromise