Google’s Project Zero tested the security of one of its biggest OEM partners, Samsung, finding 11 critical vulnerabilities in the Galaxy S6 Edge.
A new version of XcodeGhost has added new obfuscation techniques, and support for iOS9. Infections have also reached out beyond China.
500 sites that use the free analytics service PageFair may have been compromised over the weekend.
A vulnerability in a network that processes genomic data could pave the way to some global genomic databases being hacked.
Researchers have developed a bypass for Microsoft’s EMET exploit mitigations by targeting a design limitation of the WoW64 subsystem that provides backwards compatibility for 32-bit applications on 64-bit systems.
Google released its monthly over-the-air Android security update to Nexus devices, patching another handful of vulnerabilities related to Stagefright.
A malicious data-stealing Android app that impersonates a Microsoft Word document has already infected several hundred users, primarily in China.
Mike Mimoso and Chris Brook discuss the news of the week: The latest Xen vulnerability, CISA passing the Senate, a researcher challenging that Weak DH paper, and more.
Xen patched a seven-year-old vulnerability that allows an attacker to escape a guest virtual machine and attack the host operating system.
Web hosting service 000webhost told customers that 13.5 customer usernames, plaintext passwords, email addresses, IP addresses, and names were exposed in a breach.