A cybersecurity researcher recently published details and proof-of-concept for an unpatched zero-day vulnerability in phpMyAdmin—one of the most popular applications for managing the MySQL and MariaDB databases.
phpMyAdmin is a free and open source administration tool for MySQL and MariaDB that's widely used to manage the database for websites created with WordPress, Joomla, and many other
XKCD—one of the most popular webcomic platforms known for its geeky tech humor and other science-laden comic strips on romance, sarcasm, math, and language—has suffered a data breach exposing data of its forum users.
The security breach occurred two months ago, according to security researcher Troy Hunt who alerted the company of the incident, with unknown hackers stealing around 562,000
Cybersecurity researchers have discovered over 80 Magecart compromised e-commerce websites that were actively sending credit card information of online shoppers to the attackers-controlled servers.
Operating their businesses in the United States, Canada, Europe, Latin America, and Asia, many of these compromised websites are reputable brands in the motorsports industry and high fashion,
In a move to protect its users based in Kazakhstan from government surveillance, Google and Mozilla finally today came forward and blocked Kazakhstan's government-issued root CA certificate within their respective web browsing software.
Starting today, Firefox and Chrome users in Kazakhstan will see an error message stating that the certificate should not be trusted when attempting to access
If you're using Chrome on Android, you can now sign-in to your Google account and some of the other Google services by simply using your fingerprint, instead of typing in your password every time.
Google is rolling out a new feature, called "local user verification," that allows you to log in to both native applications and web services by registering your fingerprint or any other method
If your e-commerce website runs on the OXID eShop platform, you need to update it immediately to prevent your site from becoming compromised.
Cybersecurity researchers have discovered a pair of critical vulnerabilities in OXID eShop e-commerce software that could allow unauthenticated attackers to take full control over vulnerable eCommerce websites remotely in less than a few seconds.
OXID
If you use Slack, a popular cloud-based team collaboration server, and recently received an email from the company about a security incident, don't panic and read this article before taking any action.
Slack has been sending a "password reset" notification email to all those users who had not yet changed passwords for their Slack accounts since 2015 when the company suffered a massive data
In every organization, there is a person who's directly accountable for cybersecurity. The name of the role varies per the organization's size and maturity – CISO, CIO, and Director of IT are just a few common examples – but the responsibility is similar in all places.
They're the person who understands the risk and exposure, knows how prepared the team and most important – what the gaps are
Except for phishing and scams, downloading an HTML attachment and opening it locally on your browser was never considered as a severe threat until a security researcher today demonstrated a technique that could allow attackers to steal files stored on a victim's computer.
Barak Tawily, an application security researcher, shared his findings with The Hacker News, wherein he successfully
Stack Overflow, one of the largest question and answer site for programmers, revealed today that an unknown hacker(s) managed to gain unauthorized access to its production systems on May 11, 2019.
Founded by Jeff Atwood and Joel Spolsky in 2008, Stack Overflow is the flagship site of the Stack Exchange Network. With 10 million registered users and over 50 million unique visitors every month,
A team of security researchers at Microsoft discovered a potentially serious vulnerability in the Bluetooth-supported version of Google's Titan Security Keys that could not be patched with a software update.
However, users do not need to worry as Google has announced to offer a free replacement for the affected Titan Security Key dongles.
In a security advisory published Wednesday, Google
If you own an eCommerce website built on WordPress and powered by WooCommerce plugin, then beware of a new, unpatched vulnerability that has been made public and could allow attackers to compromise your online store.
A WordPress security company—called "Plugin Vulnerabilities"—that recently gone rogue in order to protest against moderators of the WordPress’s official support forum has once