April 19 may now be known as Oracle Patch Day with the company issuing and record 299 critical security fixes, including several that patch issues that can be exploited by some of the leaked NSA tools.
Microsoft's April Patch Tuesday finally revealed the company's new approach in rolling out and informing the industry on the security updates for the month and at best has received mixed reviews from industry insiders.
The CERT Coordination Center has issued an advisory for a vulnerability in IBM Domino servers that has apparently been exploited by a technique referenced in the Shadow Brokers' latest unauthorized release of alleged NSA hacking tools.
VMware released security updates to contend with a vulnerability in vCenter Server.
A new social network named Mastodon popped up a few months ago that is designed to deliver a decentralized, open-source experience, but its unique structure may make its members vulnerable to cyberattacks.
hackers are launching coordinated brute-force attacks on the administration panels of WordPress sites via unsecured home routers.
Bad actors have been leveraging a disclosed remote code execution exploit in Apache Struts 2 to launch an evolving array of malicious campaigns, including Cerber ransomware attacks, against machines that still use unpatched versions of the software.
A Google Project Zero researcher has detailed a series of vulnerabilities in Broadcom's Wi-Fi chipsets that could potentially allow remote code execution on Android and iOS devices.
On Thursday, Cisco released a number of patches to mitigate exposures affecting several products.
A number of Java implementations of AMF3 are susceptible to insecure deserialization and XML external entities reference, according to an advisory from CERT.
Google's Project Zero Prize ironically lived up to its name when the company announced last week that not a single researcher submitted a valid entry to the company's bug bounty contest.
Samsung's smart device operating system, Tizen - designed to replace Google's Android OS - is the "worst code" ever seen, says security researcher.
Amaq, a media channel used by the Islamic State, was hacked and was distributing malware via a Flash Installer.
Google issued an update to address five bugs in its Chrome browser that, if exploited, could enable remote attackers to gain control of an affected system.
For the second time in two weeks, Google researcher Tavis Ormandy has discovered a critical vulnerability in LastPass.
Apple on Monday released security updates for multiple products, and in the process also reconfigured iOS to address a pop-up issue that scammers were abusing to lock users out of their Safari mobile browsers in an attempt to extort money.
Apple last week updated its iTunes software to version 12.6 for its macOS products as well as Windows devices, in both cases fixing the same 17 vulnerabilities.
Police in several countries are wrapping up investigations of two 18-year-old Israelis suspected of causing $1.6 million in damages from hawking software intended to crash websites.
FBI director James Comey advocated for an easing of security mechanisms so that law enforcement worldwide would have an easier time snooping on encrypted communications.
Researchers from Cybellum have discovered a 15-year-old code injection vulnerability and exploit technique that could allow attackers to maliciously take over antivirus programs and other software by abusing Microsoft's Windows Application Verifier debugging tool.
The Twitter accounts of Good Morning America, GMA Pop News and ABC News were hacked on Thursday with a series of posts being added, including two praising Donald Trump.
Cisco has issued a critical advisory on a number of security updates to address vulnerabilities in more than 300 of its switch models, some of which were detailed in Vault7, a recent dump from WikiLeaks.
Kaspersky Labs has disclosed a vulnerability in libpurple that if exploited could allow remote code execution.