vulnerability
Lenovo makes new critical security mistakes
After the Superfish debacle earlier this year, Lenovo’s security practices have once again been found lacking as researchers have discovered several vulnerabilities in …
Year-old flaw in popular WordPress plugin still actively exploited
Sucuri Security researchers have discovered yet another malicious campaign redirecting users to sites hosting exploits. As per usual, the attackers are mostly leveraging …
Company invokes DMCA to block researcher from disclosing flaws in its product
Electronic lock maker CyberLock has attempted to prevent IOActive from releasing information about a host of security flaws they discovered in its product of the same …
Barracuda fixes critical MITM flaws in its Web Filter
Barracuda Networks has issued a security update that patches critical flaws in the firmware of its Web Filter appliances, which could lead to an attacker successfully …
Critical vulnerability in RealTek SDK breaks routers’ security
A critical vulnerability in version 1.3 of the RealTek software development kit (SDK) has opened hole in D-Link and Trendnet Wi-Fi routers – and possibly many others, as …
Unpatched, vulnerable PDF readers leave users open to attack
Unpatched, vulnerable PDF readers are a big security issue for private PC users, according to Secunia. 14% of PC users in the US (up from 12.9% last quarter) have an unpatched …
5,000+ e-commerce sites at risk due to buggy WordPress plugin
A popular WordPress e-commerce plugin that is actively used on over 5,000 websites contains high-risk vulnerabilities that can be exploited to compromise customers’ …
WordPress vulnerable to yet another, still to be patched XSS flaw
The latest WordPress version (4.2, released on Thursday) and several earlier ones are vulnerable to a stored cross-site scripting (XSS) vulnerability that can be exploited to …
100,000 web shops open to compromise as attackers exploit Magento bug
A critical vulnerability found in Magento, the most popular content management system for e-commerce sites, is being exploited by hackers to get their hands on users’ …
WordPress issues critical security release
WordPress users should update as soon as possible, as the latest release (4.1.2) plugs a critical cross-site scripting vulnerability that could allow anonymous users to …
Microsoft announces bug bounties for Spartan, Azure
As the official launch of Windows 10 approaches, Microsoft has launched a new bug bounty related to its Technical Preview version, and is asking bug hunters to analyze its new …

Vulnerability management for over 15,000 unique apps
Tripwire announced at RSA Conference 2015 that its Tripwire IP360 solution now discovers more than 100,000 conditions, including vulnerabilities, configurations and operating …
Featured news
Resources
Don't miss
- Product showcase: iStorage diskAshur PRO3
- As AI tools take hold in cybersecurity, entry-level jobs could shrink
- Critical CrushFTP vulnerability exploited. Have you been targeted? (CVE-2025-54309)
- How to land your first job in cybersecurity
- World Health Organization CISO on securing global health emergencies