vulnerability
Exploit code for critical MS Office flaw exploit found in the wild
A critical vulnerability in the way Microsoft Office handles RTF which can allow an attacker to remotely execute arbitrary code on the victim’s computer has been by …
Critical vulnerability in ImgBurn
A vulnerability has been discovered in ImgBurn, which can be exploited by malicious people to compromise a user’s system, according to Secunia. The vulnerability is …
All versions of Internet Explorer under threat
Today Microsoft released a new security advisory to help protect users from a vulnerability affecting Internet Explorer versions 6, 7, and 8. Exploiting this vulnerability …
OpenBSD headman believes contractor tried to insert backdoors
Following last week’s accusation by a former government contractor that the FBI has implemented backdoors into the encryption software used by OpenBSD, Theo de Raadt, …
Fake iTunes e-mail leads to drive-by download
E-mails purportedly coming from iTunes and bearing “iTunes account may be suspended” in the subject line have been hitting inboxes in the last few days. …
Mozilla expands its bug bounty program
Back in 2004, the Mozilla Foundation instituted a bug bounty program that rewarded users who reported critical security vulnerabilities on the Foundation’s software with …
Microsoft patches record 40 vulnerabilities
Today Microsoft released 17 security bulletins which address 40 vulnerabilities affecting Microsoft Office, Windows, Internet Explorer, SharePoint Server and Exchange. This …
Multiple vulnerabilities in RealPlayer
Multiple vulnerabilities have been reported in RealPlayer, which can be exploited by malicious people to compromise a user’s system, according to Secunia. Users should …
WordPress Comment Rating plugin CSRF vulnerability
A vulnerability has been reported in the Comment Rating plugin for WordPress, which can be exploited by malicious people to conduct cross-site request forgery attacks, …
CORE IMPACT Pro 11 now detects and exploits network router vulnerabilities
Core Security Technologies introduced the latest version of its automated penetration testing solution, CORE IMPACT Pro 11. CORE IMPACT Pro enables users to conduct real-world …
Security Factsheets: A new look at vulnerability data
Secunia today announced their Security Factsheets, designed for those who are interested in understanding the historical development of advisories and vulnerabilities in …
Most businesses vulnerable to cache poisoning attacks
While DNSSEC adoption percentages appear to have increased dramatically by 340 percent this year, the actual number of zones that have been signed is very small: .02 percent, …
Featured news
Resources
Don't miss
- Cisco fixes ClamAV vulnerability with available PoC and critical Meeting Management flaw
- SonicWall SMA appliances exploited in zero-day attacks (CVE-2025-23006)
- Defense strategies to counter escalating hybrid attacks
- Web Cache Vulnerability Scanner: Open-source tool for detecting web cache poisoning
- Funding soars in a milestone year for Israeli cybersecurity