Oracle Corporation issued an emergency patch on Tuesday, fixing critical vulnerabilities affecting the Jolt server within Oracle Tuxedo that could be exploited over a network with no valid username or password credentials.
The process is intended to improve transparency, represent the interests of a multitude of stakeholders, and establish accountability both of the process and its operators.
Microsoft's November Patch Tuesday rollout included patches for 53 flaws, 20 rated critical, spread across a variety of products, including Edge, Internet Explorer, Windows and Office.
Adobe's November Patch Tuesday offering included 83 patches, including fixes for five critical-rated issues in Flash Player. Reader and Acrobat, by themselves, generated more than five dozen CVEs.
Barely one week after the highly anticipated launch of Apple's new iPhone X, security researchers are claiming they were able to defeat its Face ID facial recognition security feature using a carefully crafted mask worth approximately $150.
Game developer Bluehole, Inc. issued a hotfix for its popular title TERA this weekend, following the circulation of a report revealing that the MMORPG's HTML-based chat function could be abused to spread malware.
Estonia on Friday blocked the certificates of 760,000 national ID cards in response to a cryptographic vulnerability that researchers have discovered is even more dangerous than originally reported.
An exploit in the InPage word processor program was used as an attack vector by three malware families.
Just under a third, or 31 percent, of respondents in a survey by NodeSource and Sqreen are confident that their code is free of vulnerabilities.
Cisco Systems on Wednesday issued patches for 16 different product vulnerabilities, half of which are considered high impact in nature.
A Disney-branded internet filter underwent automatic patching after researchers discovered multiple vulnerabilities that could have exposed users to cyberattacks, researchers from Talos have reported.
A private website Google used to track bugs in its own products was discovered to have its own set of flaws that could have exposed sensitive vulnerability reports.
Matrix ransomware is now being distributed via the RIG exploit kit on various sites displaying malvertising.
Apache OpenOffice patched four medium vulnerabilities in the suite's word processing and graphics apps.
In the first phase of the transparency initiative, Kaspersky Lab plans to start an independent review of its source code and an assessment of its secure development lifecycle processes.
A recent Symantec report found 25 percent of financial service employee mobile devices have unpatched vulnerabilities.
China's National Vulnerability Database (CNNVD) is much faster than its U.S. counterpart when it comes to reporting the latest confirmed product vulnerabilities, according to newly published research from Recorded Future.
The Norwegian Consumer Council and Mnemonic researchers are warning consumers about the dangers of poorly secured smartwatches marketed to children.
The program represents the first time top Android app developers are being asked to establish public-facing vulnerability disclosure programs on the HackerOne platform, with Google Play picking up the tab for bonus bounties.
Cisco on Wednesday issued a security update to repair a critical unauthorized access vulnerability in its Cloud Services Platform (CSP) 2100.
Oracle Corporation released its quarterly Critical Patch Update on Tuesday, issuing fixes for 252 vulnerabilities, including extremely severe bugs found in the company's Hospitality Applications, Siebel CRM solution, and PeopleSoft HR software.
The database was populated with information on critical flaws, many of those unfixed, in the company's software that were of great value to hackers.
Adobe Systems on Monday issued an emergency patch for a zero-day Flash Player vulnerability, after an APT group was discovered actively exploiting the bug as a means to infect machines with FinSpy surveillance malware.
A malicious Microsoft Word document, discovered making the rounds via email, infects victims with the Orcus RAT remote administrative tool by automatically downloading a secondary doc capable of executing an RCE exploit.
Security Analyst Randy Abrams discovered evidence of a second breach, just a month after the company said the data on 145.5 million U.S. consumers had been exposed when attackers exploited a vulnerability in Apache Struts.
Mozilla issued a security update stating that the newly released Thunderbird 52.4, Firefox 56 and Firefox ESR 52.4 patch 10 vulnerabilities, two rated critical, five high and three moderate, found in earlier iterations of the software.