A popular version of the Magento ecommerce platform is vulnerable to a remote code execution bug, putting as many as 200,000 online retailers at risk.
Browsing Category: Vulnerabilities
Academics argue that Netflix’s recent upgrade to HTTPS is doing little to protect its users from a passive traffic analysis attack.
SAP has issued an updated patch for a code-injection vulnerability affecting the TREX search engine integrated into more than a dozen SAP products.
Microsoft Patch Tuesday fixes 45 vulnerabilities, one being an active zero-day bug used to spread the Dridex banking Trojan.
Adobe patched 59 vulnerabilities across five different products, including Flash Player, Acrobat/Reader, Photoshop, Adobe Campaign, and its Adobe Creative Cloud App on Tuesday.
A Microsoft Word zero-day vulnerability is being used to spread the Dridex banking Trojan in attacks that have bypassed mitigation efforts.
Researchers spent six months poking holes in Signal and urge a bigger spotlight on security testing.
A researcher poked holes in seven different IoT devices at last week’s Security Analyst Summit, including a host of travel routers, NAS devices, and an IP-enabled camera.
Riverbed Technology, whose products are used by most of the Global 500, patched vulnerabilities in its SteelCentral Portal used for critical application performance monitoring.
A previously undisclosed baseband vulnerability impacting Huawei smartphones, laptop WWAN modules and IoT components was revealed Thursday at the Infiltrate Conference