Three Sonic the Hedgehog games for Android devices that collectively have been downloaded well over a hundred million times are reportedly leaking users' geolocation and device data to uncertified servers, thereby posing a privacy threat.
Cisco Systems on Wednesday issued 26 security updates to fix a variety of vulnerabilities, including high-impact bugs in its NX-OS Software, its Email Security Appliance (ESA) and Content Security Management Appliance, and its Unified Customer Voice Portal (CVP).
A quirky bug in Apple's Messages application is allowing a malicious GitHub link to cause crashes and other bothersome behavior on both macOS and iOS machines.
Cisco Talos researchers identified multiple unpatched vulnerabilities in the Blender Open Source 3D creation suite that could allow an attacker to run arbitrary code.
The 2017 number brings the total payout for the six-year program to $6.3 million.
Researchers released a whitepaper outlining 147 vulnerabilities in 34 mobile applications used in tandem with Supervisory Control and Data Acquisition (SCADA) systems.
Academic researchers have reported vulnerabilities in the group communication protocols of three encrypted messaging apps -- WhatsApp, Signal, and Threema -- that could allow attackers to willfully subvert their integrity and confidentiality.
The popular Bitcoin client Electrum has developed a patch for a critical vulnerability that allows malicious websites to steal from digital wallets that are not password-protected.
Intel CEO Brian Krzanich's sale of Intel stock in November before security flaws in the chip became public is raising some eyebrows among regulatory and legal officials.
A slew of online services used to manage GPS- and GSM-based location tracking devices have been found vulnerable to flaws that could allow attackers to hijack these devices and reveal their owners' past and current locations.
VMware issued patches on Wednesday for a trio of critical vulnerabilities in its vSphere Data Protection disk-based backup and recovery solution.
Mozilla issued a series of security updates for Thunderbird 52.5.2 that includes a critically rated buffer overflow issue that could lead to a crash if exploited.
Attackers continue to exploit a recently patched remote code execution vulnerability in the Microsoft Equation Editor component of Microsoft Office, this time using the bug to deliver a modified version of Loki information-stealing malware.
VMware on Tuesday patched a series of vulnerabilities in its ESXI, Workstation Pro, and Fusion hypervisors, as well as its vCenter Server Appliance.
Attackers have exploited an old WordPress vulnerability to infect more than one thousand websites with malware capable of injecting malvertising and even creating a rogue admin user with full access privileges, according to researchers.
A Top Google Play App was found to be leaking sensitive data and to contain several OWASP flaws
Apple released security updates for its cellphones, set top box and Window's iCloud platform shortly after rolling out another patch for the KRACK exploits.
Apple has continued to roll out patches to fix the KRACK (Key Reinstallation AttaCKs) series of vulnerabilities, this time in its AirPort Base Station firmware.
Microsoft's December Patch Tuesday release contained 34 vulnerabilities with 22 of these being rated critical and affecting the company's browser products.
A vulnerability found in two keyless entry door locks enables local attackers to lock and unlock doors.
HP said an attacker would need administrative privileges in order to take advantage of the vulnerability.