Of the thousands of plugins for the jQueryÂ framework, one of the most popular of them harbored for at least three years an oversight in code that eluded the security community, despite public availability of tutorials that explained how it could be exploited.
An online scammer targeting thousands of victims interested in cryptocurrenciesÂ runs a large and diverse business that includes phishing and fraud operations.
A little over a week ago, researcher promised to run a 51% attack on the blockchain of a small cryptocurrency called Einsteinium (EMC2), to show the world how easy the entire process was.
Several router models from D-Link are vulnerable to three security bugs that could help an attacker get full control over them.
A newly discovered first-stage implant targeting Korean-speaking victims borrows code from another reconnaissance tool linked to Comment Crew, a Chinese nation-state threat actor that was exposed in 2013 following cyber espionage campaigns against the United States.
Newly released versions of the libssh library fix an authentication bypass flaw that grants access to the server by just telling it that the procedure was a success.
A new advanced threat actor is now on the public map of adversaries that target systems in the critical infrastructure sector. The name is GreyEnergy and it shows similarities with the BlackEnergy group.
A hacker enticed by the payment method used by the vendingÂ machines located on a university campus found a way to get free credit after looking at the inner workings of the machine's accompanying mobile app.
Today's the last day for a third of US government's executive branch departments to comply to a directive that seeks the adoption and improvement of email validation policies that would lower the risk of spam and impersonation.
In a new malware campaign, cybercriminals modified a known exploit chain to push Agent Tesla info stealer without triggering detection from common antivirus products.
An advertisement on a forum trading data breach information offers to sell personally identifiable details and voting history of millions of US residents. The estimated size of the cache is in excess of 35 million records.
PlayStation 4 owners are at risk of having their console freeze on them in the middle of a game due to an issue with parsing symbols in messages received from fellow gamers.
Windows JET Database Engine continues to be vulnerable to remote code execution bug after Microsoft released a patch in the October security updates rollout.
A brazen phishing campaign took Iceland by surprise the last weekend, sending out malicious emails to thousands of individuals, in an attemptÂ to fool them into installing a powerful remote access tool.
The flurry of security bugs Microsoft addressed with its latest rollout of updates includes a remote code execution vulnerability in Edge web browser. The glitch relies on abusing URI schemes and scripts in Windows that can run with user-defined parameters.