Please turn on your JavaScript for this page to function normally.
Apache Struts
Easily exploitable Apache Struts vulnerability opens businesses to attack

A critical vulnerability in Apache Struts, a popular open source framework for developing web applications, opens any server running an app built using it to remote attackers. …

Instagram
Hackers stole contact info of 6 million Instagram users and are selling it online

Last week, Instagram pushed out a patch for a bug in the service’s API that allowed attackers to discover users’ email address and/or phone number. Facebook-owned …

Advantech WebAccess
Advantech fixes serious vulns in WebAccess HMI/SCADA software

Advantech has plugged nine security holes in WebAccess and has urged users to upgrade the software as soon as possible. Advantech WebAccess is a web browser-based software …

LabVIEW
Cisco unveils LabVIEW code execution flaw that won’t be patched

LabVIEW, the widely used system design and development platform developed by National Instruments, sports a memory corruption vulnerability that could lead to code execution. …

Intel
Researchers figured out how to disable the Intel ME controller on Intel chipsets

Researchers have discovered that Intel Management Engine (Intel ME) 11, a dedicated (and non-optional) microcontroller integrated into all Intel chipsets, can be disabled …

robot IOActive
Hacked robots can be a deadly insider threat

IOActive researchers have probed the security of a number of humanoid home and business robots as well industrial collaborative robots, and have found it seriously wanting. A …

binary
Two Foxit Reader RCE zero-day vulnerabilities disclosed

Trend Micro’s Zero Day Initiative has released details about two remote code execution zero-day flaws affecting popular freemium PDF tool Foxit Reader. The first one …

Chrome
Google Chrome remote code execution flaw detailed, PoC released

Vulnerability broker Beyond Security has released details about and Proof of Concept code for a remote code execution bug affecting Google Chrome. “The [type confusion] …

DNA
Researchers pull off DNA-based malicious code injection attack

Researchers have demonstrated that it’s possible to create synthetic DNA strands containing malicious computer code that, if sequenced and analyzed, could compromise a …

Law legislation
PACER vulnerability allowed hackers to access legal docs while sticking others with the bill

A CSRF flaw that made it possible for attackers to access court documents on the PACER system while making legitimate users pay for it has finally been plugged. What is PACER? …

Microsoft
Microsoft fixes 25 critical issues in August Patch Tuesday

The Microsoft August 2017 Patch Tuesday update has landed and contains patches for 48 vulnerabilities, 25 of which are for critical issues. 27 of the vulnerabilities can be …

Siemens
Siemens CT scanners open to remote compromise via publicly available exploits

Siemens has finally provided patches for a number of Microsoft Windows SMBv1 vulnerabilities that affect some of the medical devices sold under the Siemens Healthineers brand. …

Don't miss

Cybersecurity news