vulnerability

Bugs in Windows DNS client open millions of users to attack
In this month’s Patch Tuesday, Microsoft has included fixes for multiple critical memory corruption vulnerabilities in the Windows DNS client, which could be exploited …

Patching discrepancy between supported Windows versions puts users at risk
Security improvements should be a welcome addition to all software, but if they are not also simultaneously backported into its older and still supported versions, they can …

PoC for several Magento vulnerabilities released, update now!
DefenseCode has published proof of concept code for two CSRF and stored XSS vulnerabilities affecting a number of versions of the popular e-commerce platform Magento. Magento …

Widely used DNS forwarder and DHCP server Dnsmasq riddled with flaws
Google researchers have discovered seven serious vulnerabilities in Dnsmasq, a lightweight, widely used DNS forwarder and DHCP server for small computer networks. Dnsmasq is …

Is your Mac software secure but firmware vulnerable?
Mac users who have updated to the latest OS version or have downloaded and implemented the most recent security update may not be as secure as they originally thought, Duo …

Spoofed IRS notice delivers RAT through link updating trick
The malware delivery trick involving updating links in Word documents is apparently gaining some traction: the latest campaign to use it likely takes the form of fake emails …

Optionsbleed bug makes Apache HTTP Server leak data from memory
On Monday, security researcher Hanno Böck detailed a memory-leaking vulnerability in Apache HTTP Server that’s similar to the infamous OpenSSL Heartbleed bug uncovered …

Equifax breach happened because of a missed patch
The attackers who breached Equifax managed to do so by exploiting a vulnerability in its US website, the company has finally confirmed. The vulnerability – CVE-2017-5638 …

Patch Tuesday: 80+ vulnerabilities fixed, one exploited in the wild
As part of its regular, monthly Patch Tuesday update, Microsoft has released patches for 81 new vulnerabilities, including a zero-day in the .NET Framework. The September …

Billions of Bluetooth-enabled devices vulnerable to new airborne attacks
Eight zero-day vulnerabilities affecting the Android, Windows, Linux and iOS implementations of Bluetooth can be exploited by attackers to extract information from, execute …

Equifax attackers got in through an Apache Struts flaw?
Have the attackers responsible for the Equifax data breach exploited a vulnerability in Apache Struts, a popular open source framework for developing web applications, to …

Patch your Android device to foil Toast Overlay attacks
Overlay attacks are nothing new for Android users, and Palo Alto Networks Unit 42 researchers have found yet another way for attackers to perpetrate them. An “overlay attack” …