vulnerability
Severe flaws patched in libarchive, dependent projects urged to follow
Three severe bugs that could be easily exploited to perform arbitrary code execution have been patched with version 3.2.1 of the libarchive open source multi-format archive …
The DAO is under attack, a third of its ether reserves stolen
The DAO, a digital Decentralised Autonomous Organisation that has been set up to support projects related to Ethereum, a public blockchain platform that allows programmable …
How attackers can hijack your Facebook account
Positive Technologies researchers have demonstrated that knowing a user’s phone number and how to exploit a vulnerability in the SS7 network is enough to hijack that …
Cisco’s small business Wi-Fi routers open to attack, no patch available
Security researcher Samuel Huntley has discovered four vulnerabilities in Cisco’s RV range of small business Wi-Fi routers, the worst of which could allow an …
Adobe Flash zero-day actively exploited in targeted attacks
A zero-day vulnerability affecting the latest version of Adobe Flash Player and all previous ones is being actively exploited in limited, targeted attacks, the company has …
Netgear removes crypto keys hard-coded in routers
Qualys security researcher Mandar Jadhav has discovered two serious vulnerabilities in Netgear D6000 and D3600 modem routers, which can be exploited to gain access to the …
Bug in Chrome’s PDF reader allows arbitrary code execution
Vulnerabilities in software often arise from faulty implementations of elements developed by other code writers. Take for example CVE-2016-1681, the heap-based buffer overflow …
Vulnerabilities in Facebook Chat and Messenger exploitable with basic HTML knowledge
Check Point’s security research team has discovered vulnerabilities in Facebook’s standard online Chat function, and its separately downloaded Messenger app. The …
Flaws in Ubee router can facilitate attacks on connected networks
Researchers have discovered five critical vulnerabilities in Ubee EVW3226, a VoIP cable modem router used by operators across Europe, which can be exploited to compromise the …
Lenovo tells users to uninstall vulnerable Accelerator app
In the wake of Duo Security’s report on the critical vulnerabilities sported by Original Equipment Manufacturer (OEM) updaters loaded on popular laptop and desktop …
KeePass update check MitM flaw can lead to malicious downloads
Open source password manager KeePass sports a MitM vulnerability that could allow attackers to trick users into downloading malware disguised as a software update, security …
Bug poachers target businesses, demand money for bug info
Businesses are being hit with an extortion attempt based on attackers penetrating their network or websites and stealing corporate or user data. The attackers don’t say …
Featured news
Sponsored
Don't miss
- Overlooked essentials: API security best practices
- SubSnipe: Open-source tool for finding subdomains vulnerable to takeover
- Void Banshee APT exploited “lingering Windows relic” in zero-day attacks
- SYS01 info-stealer pushed via Facebook ads, LinkedIn and YouTube posts
- ChatGPTriage: How can CISOs see and control employees’ AI use?