vulnerability
WD My Cloud NAS devices can be hijacked by attackers
Researchers with security consultancy VerSprite have unearthed several vulnerabilities in Western Digital’s My Cloud NAS product, which can be exploited by local and …
26 vulnerabilities found in parental monitoring application
A new Citizen Lab report details results of two independent audits of the privacy and security of Smart Sheriff, a parental monitoring application that has been promoted by …
Critical Bugzilla flaw allows access to unpatched vulnerability information
Mozilla has patched a critical vulnerability (CVE-2015-4499) in its popular open source bug-tracking Bugzilla software – a vulnerability that can be exploited by …
iOS 9 partially fixes critical, easily exploitable AirDrop bug
Apple has released iOS 9. Along with many new and improved security and privacy features, fixes for a bucketload of security vulnerabilities have been included in this latest …
Persistent XSS flaw in SharePoint 2013 revealed, patched
Among the vulnerabilities patched earlier this month by Microsoft is an important one that endangers users of Microsoft SharePoint 2013, a web application platform in the …
Android 5 bug allows attackers to easily unlock password-protected devices
If you own a mobile device running any Android 5 version but the very last (v5.1.1) and you use a password to lock your device, you will want to update your OS or switch to a …
Researchers find backdoor bug in NASA rovers’ real-time OS
A critical, remotely exploitable vulnerability in VxWorks, the world’s most popular real-time operating system (RTOS), can be exploited by attackers to gain backdoor …
FireEye legally censors crucial parts of a researcher’s talk at 44CON
Felix Wilhelm, a researcher with German security firm ERNW, was scheduled to give a talk at 44CON on Thursday about the critical vulnerabilities he and his colleagues found in …
Attack code for critical Android Stagefright flaw published
After having graciously waited for quite a while to publish the exploit for the Android Stagefright vulnerability (CVE-2015-1538) so that Google, mobile carriers and device …
Zero-day bugs in Kaspersky and FireEye products found, exploits disclosed
A slew of vulnerabilities – some already patched and some still not – have been revealed to affect several security offerings by some of the most trusted names in …
Vulnerabilities in WhatsApp Web affect 200 million users globally
Significant vulnerabilities can exploit WhatsApp Web, the web-based extension of the popular WhatsApp application for phones.The exploit can allow attackers to trick victims …
Seagate wireless hard drives open wide to attack
Several Seagate wireless hard-drives have been found to be affected by multiple vulnerabilities, the CERT Coordination Center of the Software Engineering Institute at Carnegie …
Featured news
Resources
Don't miss
- Critical CrushFTP vulnerability exploited. Have you been targeted? (CVE-2025-54309)
- How to land your first job in cybersecurity
- World Health Organization CISO on securing global health emergencies
- Calico: Open-source solution for Kubernetes networking, security, and observability
- Cyber turbulence ahead as airlines strap in for a security crisis