Security News

US Defense Department Defenders Say Attackers Don't Need No Stinking Zero DaysThe head of the NSA's Cybersecurity Threat Operations Center says attackers haven't bothered targeting unclassified...

Chinese security company announces Internet Explorer zero-day exploit that's triggered by Word. So far... that's all she wrote.

Google Discloses Unpatched Windows Lockdown Policy Bypass read more

Quihoo 360 plays the responsible disclosure game Chinese company Quihoo 360 says it's found a Windows zero-day in the wild, but because it's notified Microsoft, it's not telling anyone else how it works.…

Bug bounty sales are getting very complicated, financially andmorally B-SIDESSF Barely a decade ago the mere idea of selling vulnerabilities was highly controversial. Today the market is mature,...

Last week, the Israeli security company CTS Labs published a series of exploits against AMD chips. The publication came with the flashy website, detailed whitepaper, cool vulnerability names --...

Microsoft wasn't able to come up with a patch within Google's non-negotiable "you have 90 days" period, so the flaw is now public.

Bitmessage developers have warned of a critical 'remotely executable' zero-day vulnerability in the PyBitmessage application that was being exploited in the wild. Bitmessage is a Peer-to-Peer...

An emergency update released on Tuesday for the PyBitmessage application patches a critical remote code execution vulnerability that has been exploited in attacks. read more

A zero-day vulnerability impacting Telegram Messenger’s Windows client had been exploited in malicious attacks for months before being discovered and addressed.  read more