The developers of the Samba suite of SMB/CIFS-based interoperability applications for *NIX machines issued an important patch on Wednesday, following the discovery of a remote code execution vulnerability.
A researcher going by the moniker Kedrisch spotted a Twitter vulnerability which would've allowed a user to post tweets from any user's account.
In a personal blog post published on Sunday, a security researcher provided details on a cross-site scripting vulnerability he discovered in the Verizon Messages SMS texting service, which was patched late in 2016.
Some of the pressure came from having smaller budgets and teams, though the research found that "having a lot of money is not always a good thing."
If exploited, both could lead to arbitrary code execution, the company reported.
Researchers at Nightwatch Cybersecurity spotted nearly 40 Asus RT routers with five vulnerabilities.
A flaw in a popular word processing program in South Korea is opening the door for malicious attackers to deliver arbitrary code to victims' computers.
Google also announced that its Patch Rewards program going forward would "include rewards for the integration of fuzz targets into OSS-Fuzz."
Intel issued a critical firmware update that impacts several of its product families, and Cisco Talos dug into a pair of vulnerabilities impacting Power Software Power ISO disk managing software.
Some researchers accused the vulnerability of being a backdoor; others are less skeptical.
Joomla! recently patched two cross-site scripting vulnerabilities that, if left unrepaired, could give a malicious actor higher permissions, possibly allowing the targeted site to be taken over.
O2 has admitted that thieves exploited flaws in SS7 to steal money from victims' bank accounts.
Google has released its May security updates for Android including a laundry list of critically rated issues along with updates for its Nexus and Pixel smartphones.
Intel issued an advisory on Monday warning of a critical escalation of privilege vulnerability in its firmware that can enable attackers to seize control of its products' manageability features.
Yahoo awarded a $7,000 bug bounty to a researcher who spotted three bugs that could be leveraged to take over a Flickr account.
Security researchers at Talos have uncovered a flaw in the Randombit Botan library.
The jpeg2000 (JP2) plug-in for the Windows-based image viewing and editing application IrfanView has been updated to address a vulnerability that can lead to arbitrary code execution, Cisco's Talos division has reported.
While details on the bounties have not been released yet, the initiative will start May 15 and run from May 30 until June 23.
A zero-day bug in Microsoft Office and WordPad that hackers exploited to spy on targeted users, implant malware, and steal banking credentials took nine months to fix, according to news reports.
Adobe Systems on Tuesday issued a series of hotfixes that addresses an input validation flaw in multiple versions of its ColdFusion web application development platform.
A bug causes applications developed using Portrait Display SDK to default to insecure configurations, enabling arbitrary code execution.
Even Charles Darwin couldn't protect his Twitter account from being hijacked after a researcher stole his cookies and passwords by exploiting a reported universal cross-site scripting vulnerability in the Microsoft Edge browser.