Security News

FinSpy—the infamous surveillance malware is back and infecting high-profile targets using a new Adobe Flash zero-day exploit delivered through Microsoft Office documents. Security researchers from...

The recently discovered Red Alert 2 Android Trojan is using an infrastructure that serves fake Adobe Flash Android apps to unsuspecting users, RiskIQ has discovered. read more

Adobe may kill Flash Player by the end of 2020, but until then, the company would not stop providing security updates to the buggy software. As part of its monthly security updates, Adobe has...

Adobe fixed eight vulnerabilities across three products, Flash Player, RoboHelp for Windows, and ColdFusion, as part of its September Patch Tuesday updates.

Adobe has patched only two vulnerabilities in Flash Player this month, but they can both be exploited for remote code execution and both have been classified as critical. read more

IBM researchers have demonstrated a filesystem-level version of the Rowhammer attack against MLC NAND flash memory.

The impending demise of Adobe Flash will create legacy challenges similar to Windows XP as companies begin to wean themselves off the vulnerable code base.

One of yesterday's Flash Player patches was a do-over after the researcher who privately reported the problem earlier this year discovered the original patch incompletely resolved the issue.

Mozilla fixed three critical vulnerabilities and made Flash click-to-activate by default when it released Firefox 55 on Tuesday

Starting with the release of Firefox 55 this week, the Adobe Flash plugin is no longer active by default in Mozilla’s web browser, and users of the new version will be required to activate it for...