Security News

WordPress Infections Leading to TeslaCrypt Ransomware (Threatpost)
2016-02-05 12:00

A massive string of WordPress compromises is redirecting victims to the Nuclear Exploit Kit and TeslaCrypt ransomware.

Government Promises Comment Period on Next Wassenaar Draft (Threatpost)
2016-02-04 20:51

A National Security Council member promised Rep. Jim Langevin that a final U.S. rule on the Wassenaar Arrangement would not happen without another public comment period.

Netgear Management System Vulnerable to RCE, Path Traversal Attacks (Threatpost)
2016-02-04 18:05

Netgear's Network Management System suffers from two vulnerabilities, an arbitrary file upload and a path traversal, which could let a remote attacker execute code and download files.

Google Safe Browsing Extends to Deceptive Embedded Content (Threatpost)
2016-02-04 12:31

Google again has enhanced its Safe Browsing service with protection against deceptive embedded content.

Chromodo Browser Disables Same-Origin Policy (Threatpost)
2016-02-03 18:19

Security vendor Comodo has been caught in an embarrassing gaffe. The Chromodo browser installed by default with Comodo Internet Security disables the same-origin policy.

WordPress Update Fixes SSRF, Open Redirect Vulnerability (Threatpost)
2016-02-03 17:11

WordPress' latest version, 4.4.2, fixes a handful of bugs and vulnerabilities in the content management system.

eBay Vulnerability Exposes Users to Phishing, Data Theft (Threatpost)
2016-02-02 21:56

Researchers are warning that visitors to eBay.com could be tricked into opening a page on the site that could expose them to phishing attacks and data theft.

URLZone Back, Targeting Banks in Japan (Threatpost)
2016-02-02 18:00

The gang behind the banking Trojan URLZone has become more active over the past few months and has taken aim at banks across Europe and, beginning last month, Japan.

Socat Warns Weak Prime Number Could Mean It’s Backdoored (Threatpost)
2016-02-02 15:43

Socat published a security advisory warning users that a hard-coded 1024 Diffie-Hellman prime number was not prime, and that an attacker could listen and recover secrets from a key exchange.

Toys Patched Against Flaws That Put Children’s Data, Safety At Risk (Threatpost)
2016-02-02 14:00

Researchers at Rapid7 disclosed details on patched vulnerabilities in the Web APIs of toys from Fisher-Price and hereO that exposed the personal data of children.