Security News

Microsoft’s November Patch Tuesday fixes include mitigation against a zero-day vulnerability leaving Windows 7, Server 2008 and Server 2008 R2 open to attack.

A security researcher has published a zero-day flaw in a commonly-used virtual machine management system without notifying the vendor, justifying it with a scathing critique of the infosecurity industry.

An independent exploit developer and vulnerability researcher has publicly disclosed a zero-day vulnerability in VirtualBox—a popular open source virtualization software developed by Oracle—that...

Bug hunter rages at wearisome disclosure process An infosec researcher has expressed his frustration with disclosure processes by going public with a zero-day in VirtualBox, Oracle's open-source...

A researcher has disclosed the details of a zero-day vulnerability affecting Oracle’s VirtualBox virtualization software. The flaw appears serious as exploitation can allow a guest-to-host escape....

A high severity zero-day flaw exists in Cisco System's SIP inspection engine.

Called BleedingBit, this vulnerability impacts wireless networks used in a large percentage of enterprise companies.

Cisco informed customers on Wednesday that some of its security appliances are affected by a serious vulnerability that has been actively exploited. read more

The unpatched flaw allows an attacker to delete any kind of file on a victim machine, including system data.

A new zero-day vulnerability in Windows was made public on Twitter by the same researcher who published an exploit for a bug in the Windows Task Scheduler at the end of August. read more