Researchers have discovered a group of attackers who have published a variety of compromised WordPress themes and plug-ins on legitimate-looking sites, tricking developers into downloading and installing them on their own sites.
Browsing Category: Vulnerabilities
Drupal has released a patched a denial of service and account hijacking vulnerability, details of which were disclosed by the researchers who discovered the issue.
The people behind the Angler exploit kit are already exploiting one of the Flash bugs patched last week in the kit’s arsenal.
A bug was recently fixed in Android Lollipop that could allow an attacker to bypass ASLR and run arbitrary code on a target device under certain circumstances.
Google has released Chrome 39, fixing 42 security vulnerabilities and removing support for the fallback to SSLv3, the component that was the target of the POODLE attack revealed last month.
Google today released to open source security scanning tool called Firing Range, which is designed to test for cross-site scripting (XSS) and other vulnerabilities on a massive scale.
Microsoft on Tuesday released a rare out-of-band patch for a critical vulnerability in several versions of Windows and Windows Server, including Windows 8 and 8.1.
Karsten Nohl has updated his BadUSB research, looking at the top eight USB controller chips and determining that about half are susceptible to being maliciously reprogrammed.
Some users who have installed the MS14-066 patch that fixes a vulnerability in the Schannel technology in Windows are having issues with the fix causing TLS negotiations to fail in some circumstances.
Apple responds to the Masque vulnerability, saying that it is unaware of any users affected by the vulnerability, which allows hackers to swap out legitimate iOS apps with malicious ones.