A bug in Tumblr's "Recommended Blogs" feature was fixed that disclosed private and personal information about the owner of the recommended blogs.
Remember that bug Facebook revealed two weeks ago that may have affected 50 million users if not more? Well Facebook has stated that 30 million of those user had their access tokens stolen by attackers according to a new updated posted by Facebook today.
A critical vulnerability in the WhatsApp messaging app for Android and iOS was fixed today that could have been activated simply by a user answering a call.
Today is the October 2018 Patch Tuesday, which means a boatload of security updates are out for Microsoft products including Windows, Office, and Exchange Server. These updates fix known bugs and security vulnerabilities found within Microsoft's products.
Adobe published its October 2018 Patch Tuesday updates today and it came with a big surprise. Not one security fix for Adobe Flash Player! Unfortunately, there are 11 vulnerabilities being patched, with two being critical, in Adobe Framemaker, Digital Editions, and Technical Communications Suite.
Mozilla has released Thunderbird version 60.2.1 to resolve numerous security updates in the mail program. One of these vulnerabilities is labeled as Critical as it could potentially lead to remote code execution.
The Fallout Exploit has been distributing the GandCrab Ransomware for the past few weeks, but has now switched its payload to the Kraken Cryptor Ransomware.
It has not been a good week for PDF programs. We had an Adobe Acrobat & Reader update released yesterday that fixed 86 vulnerabilities, including numerous critical ones. Not to be beaten, an update for Foxit PDF Reader and Foxit PhantomPDF was released last Friday that fixes a whopping 116 vulnerabilities.
Today, Facebook disclosed a security vulnerability that affected 50 million people on the social media network and allowed malicious third parties to potentially access the affected users account.
The GandCrab v5 ransomware has started to use the recently disclosed Task Scheduler ALPC vulnerability to gain System privileges on an infected computer. This vulnerability was recently patched by Microsoft in the September 2018 Patch Tuesday, but many companies may not have installed the patch.
Western Digital has just released an hotfix firmware update to resolve the authentication bypass vulnerability (CVE-2018-17153) that had remained unpatched for over a year. This vulnerability allowed anyone to bypass authentication and get administrative access to the router.
A zero day vulnerability in the Microsoft Windows Jet Database Engine has been disclosed by TrendMicro's Zero Day Initiative even though a security update is not currently available from Microsoft.
A new exploit kit called Fallout is being used to distribute the GandCrab ransomware, malware downloading Trojans, and other potentially unwanted programs (PUPs).
Cisco published on Wednesday 30 security advisories on vulnerabilities identified in its products. Half of them are for high and critical severity bugs.
The US continues to be the top country hosting domains that serve web-based threats and, and the main source for exploit kits on a global level, according to new research.
Some PC owners may need to apply motherboard firmware updates in the near future to address two attacks on TPM chips detailed earlier this month by four researchers from the National Security Research Institute of South Korea.
After last week a security researcher revealed a vulnerability in Apache Struts, a piece of very popular enterprise software, active exploitation attempts have started this week.
Google security researchers have revealed this week that the immensely popular Fortnite Android app is vulnerable to so-called man-in-the-disk (MitD) attacks.
A vulnerability affects all versions of the OpenSSH client released in the past two decades, ever since the application was released in 1999.
Tavis Ormandy, a Google Project Zero security researcher, has revealed details about a new major vulnerability discovered in Ghostscript, an interpreter for Adobe's PostScript and PDF page description languages.