vulnerability
Microsoft gives app developers 180 days to fix bugs
This month’s Patch Tuesday has been a prolific one, and patches for a total of 34 vulnerabilities – six of which critical – have been made available for …
POC code for critical Android bug published
Last week, researchers from Bluebox Security have made a disconcerting revelation: Google’s Android mobile OS carries a critical bug that allows attackers to modify the …
US Emergency Alerting System vulnerable to attack
IOActive has discovered vulnerabilities in the Emergency Alerting System (EAS) which is widely used by TV and radio stations across the United States. They uncovered the …
The magnitude of Android’s “master key” bug
The Android flaw whose existence was revealed last week by Bluebox Security is as bad as they come. “Blowing hash and signing functions so that the underlying code can …
Android bug allows app code change without breaking signatures
Researchers from Bluebox Security have discovered a critical Android flaw that allows attackers to modify the code of any app without breaking its cryptographic signature, and …
Darkleech Apache module injection campaign delivers malware
One of the most successful malware infection campaigns ever is still going strong, and researchers have not come closer to discovering how the attackers are compromising web …
Serious vulnerabilities in OpenX ad platform expose millions to risk
High-Tech Bridge Security Research Lab discovered multiple vulnerabilities in OpenX, which can be exploited to execute arbitrary PHP code, perform Cross-Site Scripting (XSS) …
Facebook squashes critical account hijacking bug
A U.K.-based security researcher has shared details of a recently patched Facebook vulnerability that he discovered and for which he received $20,000 via the the social …
Data-slurping Facebook Graph Search flaw revealed
A mobile developer has discovered what he claims is a security vulnerability in the Facebook Graph Search that allowed him to automate the compilation of a list of some 2.5 …
Car hack attack a possible theory behind journalist’s death
The upcoming DEFCON hacking conference will have many presenters touching on a great number of subjects, including that of car hacking. Security researcher Charlie Miller, …
Microsoft to pay up to 150k for vulnerabilities
After years of saying that bug bounties are not the best way to go about getting crucial product vulnerability information in the long run, Microsoft has done an about-face …
U.S. tech companies sharing bug info with U.S. govt before releasing fixes
A recent report by Bloomberg’s Michael Riley has revealed that a great many U.S.-based companies are voluntarily sharing sensitive information with the U.S. national …
Featured news
Resources
Don't miss
- North Korean IT workers are extorting employers, FBI warns
- GUI frontends for GnuPG, the free implementation of the OpenPGP standard
- Juniper enterprise routers backdoored via “magic packet” malware
- Cisco fixes ClamAV vulnerability with available PoC and critical Meeting Management flaw
- SonicWall SMA appliances exploited in zero-day attacks (CVE-2025-23006)