Attackers can unmask users hidden under a VPN connection. A vulnerability into how VPN providers deal with port forwarding exposes the real IP...
A vulnerability reported to United Airlines that could have been exploited to manipulate flight reservations and customer data sat unpatched for almost...
Developers at LinkedIn fixed a persistent cross site scripting vulnerability in the social network this week that could have been exploited to...
In a new Ubuntu Security Notice (USN-2814-1), Canonical announced that they have patched a security vulnerability in the Nvidia proprietary graphics drivers...
Attackers could have had full control over DT’s Web server. Independent Egyptian security researcher Ebrahim Hegazy has found another vulnerability, and this one...
Google’s Chrome staff got in contact with the security researcher and has already started working on a fix A Chinese security researcher...
All Ubuntu users are urged to update as soon as possible. Canonical has just published four Ubuntu Security Notices that detail a recent...
Major bug goes unnoticed in one of Java’s most popular libraries, despite getting a CVSS vulnerability score of 10 Back in late...
Timing attacks has proven practical since 96′ as shown in a paper by Paul C. Kocher. In his paper Paul demonstrate how,...
Joomla on Thursday released a new version of its content management system, 3,4,5, that addresses a critical SQL injection vulnerability that could have...
Magento has contacted the websites that appear to be vulnerable, Trustwave said. An open-source tool for importing content into the Magento e-commerce...
A vulnerability in Netgear routers, already disclosed by two sets of researchers at different security companies, has been publicly exploited. Netgear, meanwhile,...
Operation Pony Express was a spear-phishing campaign that was detected by Sophos researchers between April and May 2015. The research team identified...
After a few critical bugs were recently discovered and patched in the core WordPress engine—a rarity with WordPress-related security issues—order has apparently...
Short Bytes: The latest WinRAR SFX v5.21 update has a serious vulnerability that allows remote attackers to execute any malicious code on your...
The proliferation of independent and vendor-sponsored bug bounties has not only put some money in researchers’ pockets, but has also forced enterprises—and...
SharePoint, one of the tools included with Microsoft Office’s server suite, has been patched to protect users from a persistent XSS (cross-site...
Proof-of-concept exploit installs malicious app on nearby iPhones. Apple has mitigated a critical iOS vulnerability that allows attackers within Bluetooth range of...
WordPress core engine security vulnerabilities aren’t rare, but they are uncommon. Most issues affecting the integrity of sites running on the content...
This vulnerability was discovered by Rafal Wojtczuk and Corey Kallenberg, check original white paper. Around one month ago, at 31-st Chaos Communication...
Networking process crashed by crafted packets. One of the world’s major suppliers of industrial networking kit, Japanese company Yokogawa, has alerted the...