Zeljka Zorz
Microsoft patches two more 0-days actively used by attackers
With this month’s Patch Tuesday, Microsoft has provided patches for several critical vulnerabilities that allow remote code execution, some of which have been or are …
POODLE vulnerability: The end of life of SSL 3.0
There is a critical security vulnerability in SSL 3.0 which allows attackers to calculate the plaintext of encrypted connections, and it will likely spell the end of the use …
Malicious YouTube ads lead to exploits, ransomware
In the last few months, Trend Micro researchers have been following a malvertising campaign that ended up affecting almost exclusively US users at the beat of more than …
Russian espionage group used Windows 0-day to target NATO, EU
In today’s Patch Tuesday, Microsoft will be releasing a wide variety of patches, and among them will be one for a zero-day vulnerability that has been used in a …
Personal info of 850k Oregon jobseekers potentially compromised
851,322 individuals who used Oregon Employment Department’s WorkSource Oregon Management Information System (WOMIS) will soon be receiving notices that they information …
Dropbox wasn’t hacked, says leaked credentials are from unrelated services
Dropbox has denied that they have been hacked, and that the login credentials leaked by a unknown individual on Pastebin are those of Dropbox users. The leaker released the …
Leaked Snapchat images came from third-party server
Snapchat is a mobile photo messaging app that allows users to send pictures that “self-destruct” a few moments after being viewed, and is especially popular with …
Dropbox bug left some users without their stored files
Popular file cloud hosting service Dropbox has been sending out emails to a “small number” of its customers, explaining that some of their files have been …
Flawed reused code opens zero-day in Cyanogenmod
An unnamed security researcher says that Cyanogenmod, the popular Android-based mobile OS, sports a zero-day vulnerability that can be misused to target users with …
Kmart confirms month-old data breach, payment card data stolen
First via a filing with the US Securities and Exchange Commission, and then via a press release, Sears Holding Corporation has confirmed a month-old breach that affected POS …
HP to revoke certificate that was used to signed malware
HP has announced to its customers that it will soon revoke a specific private digital certificate that they used to sign some software components that ship with some of its …
The number of JPMorgan hackers’ targets rises
The distressing news that the JPMorgan Chase breach resulted in the compromise of data of some 76 million households and 7 million small businesses may be soon followed by …
Featured news
Resources
Don't miss
- Hottest cybersecurity open-source tools of the month: November 2025
- Gainsight breach: Salesforce details attack window, issues investigation guidance
- New “HashJack” attack can hijack AI browsers and assistants
- Heineken CISO champions a new risk mindset to unlock innovation
- Small language models step into the fight against phishing sites