Security News

The development team of the vulnerable Total Donations plugin appears to have abandoned it, and did not respond to inquiries from researchers.

Easily swapped hashed passwords gives Domain Admin rights via API call. Fix may land next month Microsoft Exchange appears to be currently vulnerable to a privilege escalation attack that allows...

ACROS Security, the creators of 0patch, have released a micropatch for a recently revealed zero-day RCE flaw affecting Windows. About the vulnerability and the micropatch Security researcher John...

An updated version of the Fallout exploit kit recently emerged with an exploit for a recent Flash zero-day included in its arsenal, Malwarebytes Labs security researchers warn. read more

Companies are willing to pay ever-increasing amounts for good zero-day exploits against hard-to-break computers and applications: On Monday, market-leading exploit broker Zerodium said it would...

Multiple hardcoded passwords allow attackers to create badges to gain building entry, access video surveillance feeds, manipulate databases and more.

Any chance we could appeal to your conscience and integrity and put in a call for ethical disclosure?

Well, there's some good news for hackers and vulnerability hunters, though terrible news for tech manufacturers! Exploit vendor Zerodium is now willing to offer significantly higher payouts for...

Apple exploits will fetch the highest price.

Some last-minute wrapping of security-related tips from this week Roundup If you're reading this while on-call for IT support, network security, or what have you, then we salute you. If you're...