vulnerability
Security firm publishes details, exploit code for Google App Engine flaws
Polish firm Security Explorations has published technical details and PoC code for several security issues identified in Google App Engine (GAE) for Java.The company has found …
United Airlines offers air miles for vulnerability information
United Airlines has become the first airline to start a bug bounty program and instead of monetary rewards, it offers air miles: a million for remote code execution bugs, …
Flawed crypto endangers millions of smart grid devices
The cryptography used in the Open Smart Grid Protocol (OSGP), one of the most widely used smart meter and smart grid device networking standards, can be easily cracked, …
Millions of WordPress sites risk hijacking due to flaw in default theme
Guess what? Unless your site is hosted by one of 11 specific web hosts, it’s time to patch your WordPress installation again! Netsparker researchers have recently …
Lenovo makes new critical security mistakes
After the Superfish debacle earlier this year, Lenovo’s security practices have once again been found lacking as researchers have discovered several vulnerabilities in …
Year-old flaw in popular WordPress plugin still actively exploited
Sucuri Security researchers have discovered yet another malicious campaign redirecting users to sites hosting exploits. As per usual, the attackers are mostly leveraging …
Company invokes DMCA to block researcher from disclosing flaws in its product
Electronic lock maker CyberLock has attempted to prevent IOActive from releasing information about a host of security flaws they discovered in its product of the same …
Barracuda fixes critical MITM flaws in its Web Filter
Barracuda Networks has issued a security update that patches critical flaws in the firmware of its Web Filter appliances, which could lead to an attacker successfully …
Critical vulnerability in RealTek SDK breaks routers’ security
A critical vulnerability in version 1.3 of the RealTek software development kit (SDK) has opened hole in D-Link and Trendnet Wi-Fi routers – and possibly many others, as …
Unpatched, vulnerable PDF readers leave users open to attack
Unpatched, vulnerable PDF readers are a big security issue for private PC users, according to Secunia. 14% of PC users in the US (up from 12.9% last quarter) have an unpatched …
5,000+ e-commerce sites at risk due to buggy WordPress plugin
A popular WordPress e-commerce plugin that is actively used on over 5,000 websites contains high-risk vulnerabilities that can be exploited to compromise customers’ …
WordPress vulnerable to yet another, still to be patched XSS flaw
The latest WordPress version (4.2, released on Thursday) and several earlier ones are vulnerable to a stored cross-site scripting (XSS) vulnerability that can be exploited to …
Featured news
Resources
Don't miss
- CTM360 maps out real-time phishing infrastructure targeting corporate banking worldwide
- Malicious RVTools installer found on official site, researcher warns
- AI hallucinations and their risk to cybersecurity operations
- Why EU encryption policy needs technical and civil society input
- Hanko: Open-source authentication and user management