Security News

Google security researchers revealed that two of the vulnerabilities patched by Apple on Thursday with the release of iOS 12.1.4 were zero-day flaws exploited in the wild by malicious actors. read more

Apple has finally released iOS 12.1.4 software update to patch the terrible Group FaceTime privacy bug that could have allowed an Apple user to call you via the FaceTime video chat service and...

A zero-day vulnerability found in a video-conferencing system and responsibly disclosed led to the response, "Our developers are aware of some known vulnerabilities with the systems, development...

A researcher who discovered a flaw letting him steal passwords in MacOS is not sharing his findings with Apple without a macOS bug bounty program.

A researcher has disclosed the existence of a zero-day vulnerability in macOS Mojave that can be exploited by malware to steal plaintext passwords from the operating system’s Keychain. The flaw...

It's 2019. Should billion-dollar corps do better than offer swag for vulns? Analysis Hunting for exploitable security bugs in software is not an easy way to make a living, and vulnerability...

The commercial Total Donations plugin for WordPress is impacted by multiple zero-day vulnerabilities that are being actively exploited in attacks, Wordfence security researchers report.  read more

The development team of the vulnerable Total Donations plugin appears to have abandoned it, and did not respond to inquiries from researchers.

Easily swapped hashed passwords gives Domain Admin rights via API call. Fix may land next month Microsoft Exchange appears to be currently vulnerable to a privilege escalation attack that allows...

ACROS Security, the creators of 0patch, have released a micropatch for a recently revealed zero-day RCE flaw affecting Windows. About the vulnerability and the micropatch Security researcher John...