An anonymous hacker with an online alias "SandboxEscaper" today released proof-of-concept (PoC) exploit code for a new zero-day vulnerability affecting Windows 10 operating system—that's his/her 5th publicly disclosed Windows zero-day exploit [1, 2, 3] in less than a year.
Published on GitHub, the new Windows 10 zero-day vulnerability is a privilege escalation issue that could allow a local
Academic researchers today disclosed details of the newest class of speculative execution side-channel vulnerabilities in Intel processors that impacts all modern chips, including the chips used in Apple devices.
After the discovery of Spectre and Meltdown processor vulnerabilities earlier last year that put practically every computer in the world at risk, different classes of Spectre and
It's Patch Tuesday—the day when Microsoft releases monthly security updates for its software.
Microsoft has software updates to address a total of 79 CVE-listed vulnerabilities in its Windows operating systems and other products, including a critical wormable flaw that can propagate malware from computer to computer without requiring users' interaction.
Out of 79 vulnerabilities, 18 issues
Adobe today released its monthly software updates to patch a total of 87 security vulnerabilities in its Adobe Acrobat and Reader, Flash Player and Media Encoder, most of which could lead to arbitrary code execution attacks or worse.
None of the flaws patched this month in Adobe products has been found exploited in the wild.
Out of 87 total flaws, a whopping number of vulnerabilities (i.e.,
A bug bounty hunter has discovered and publicly disclosed details of an unpatched browser address bar spoofing vulnerability that affects popular Chinese UC Browser and UC Browser Mini apps for Android.
Developed by Alibaba-owned UCWeb, UC Browser is one of the most popular mobile browsers, specifically in China and India, with a massive user base of more than half a billion users worldwide.
If you use a Dell computer, then beware — hackers could compromise your system remotely.
Bill Demirkapi, a 17-year-old independent security researcher, has discovered a critical remote code execution vulnerability in the Dell SupportAssist utility that comes pre-installed on most Dell computers.
Dell SupportAssist, formerly known as Dell System Detect, checks the health of your computer
In recent years, we have seen how hackers prey on those too lazy or ignorant to install security patches, which, if applied on time, would have prevented some devastating cyber attacks and data breaches that happened in major organisations.
The United States Department of Homeland Security (DHS) has ordered government agencies to more swiftly plug the critical security vulnerabilities found
A team of cybersecurity researchers today published a post warning enterprises of an unpatched, highly critical zero-day vulnerability in Oracle WebLogic server application that some attackers might have already started exploiting in the wild.
Oracle WebLogic is a scalable, Java-based multi-tier enterprise application server that allows businesses to quickly deploy new products and services
Drupal, the popular open-source content management system, has released security updates to address multiple "moderately critical" vulnerabilities in Drupal Core that could allow remote attackers to compromise the security of hundreds of thousands of websites.According to the advisories published today by the Drupal developers, all security vulnerabilities Drupal patched this month reside in
The Apache Software Foundation (ASF) has released new versions of its Tomcat application server to address an important security vulnerability that could allow a remote attacker to execute malicious code and take control of an affected server.
Developed by ASF, Apache Tomcat is an open source web server and servlet system, which uses several Java EE specifications such as Java Servlet,
It has been close to just one year since the launch of next-generation Wi-Fi security standard WPA3 and researchers have unveiled several serious vulnerabilities in the wireless security protocol that could allow attackers to recover the password of the Wi-Fi network.
WPA, or Wi-Fi Protected Access, is a standard designed to authenticate wireless devices using the Advanced Encryption Standard
Good morning readers, it's patch Tuesday again—the day of the month when Adobe and Microsoft release security patches for their software.
Adobe just released its monthly security updates to address a total of 40 security vulnerabilities in several of its products, including Flash Player, Adobe Acrobat and Reader, and Shockwave Player.
According to an advisory, Adobe Acrobat and Reader
