Security News

A recently-patched critical flaw in Oracle WebLogic is being actively exploited to peddle a new ransomware variant, which researchers call "Sodinokibi."

A new cyptojacking campaign targeting enterprises in Asia is leveraging the National Security Agency-linked DoublePulsar backdoor and the EternalBlue exploit for network spreading, Symantec...

FireEye’s analysis of the Carbanak source code that emerged on VirusTotal recently found no use of new exploits. Their review of the code also verified previous assumptions on the group behind a...

More and more attacks taking advantage of a XSS and RCE bug in the popular plugin have cropped up in the wild.

RunSafe Security, the pioneer of a patented cyberhardening process for vulnerable embedded systems and devices, announced the formation of a new exploit identification and information sharing...

Patched just last week, the Windows kernel bug is being used for full system takeover.

An ancient WinRAR vulnerability made public in February is now well on its way to becoming one of the most widely and rapidly-exploited security flaws of recent times.

Charles Fol, the security engineer that unearthed the Carpe Diem Apache HTTP Server bug (CVE-2019-0211), has released an exploit for it. “This is between a POC and a proper exploit. I added tons...

April Patch Tuesday is nearly here with two significant topics of concern. The first relates to end-of-service milestones and the second issue is browser exploits. Let’s start with end-of-service....

A researcher has released proof-of-concept (PoC) exploits for unpatched same-origin policy bypass vulnerabilities affecting Microsoft’s Internet Explorer and Edge web browsers. read more