Attackers compromised two php.net servers, injecting malicious code into the website, so The PHP Group is resetting passwords for the official website of the PHP programming language. It's also changing php.net's SSL certificate.
Software security updates from Cisco address denial-of-service and arbitrary command execution vulnerabilities in several products.
The Flash Player plug-in has more restrictions, which should mean improved security under Safari on Mac OS X Mavericks.
Vulnerabilities in the management interfaces of some wireless router and network-attached storage products from Netgear expose the devices to remote attacks that could result in their complete compromise, researchers warn.
Attackers are using real browsers on infected computers to attack Web applications and bypass DDoS protection.
The Mexican government has condemned newly reported spying activities of the U.S. National Security Agency against the country's former president while he was in office.
Belgian telecommunications group Belgacom found unauthorized changes made to a router at its BICS subsidiary, which provides wholesale communication services to hundreds of operators worldwide.
Hackers managed to steal a database containing customer credentials and contact information from PR Newswire, a major press release distribution service that's used by tens of thousands of companies and public relations agencies.
Oracle fixed on Tuesday 127 security issues in Java, its database and other products, patching some flaws that could let attackers take over systems.
A security issue in some of D-Link routers could allow attackers to change the device settings without requiring a username and password. D-Link says it will address the problem with a firmware update by the end of the month.
The Brazilian Federal Data Processing Service, known as Serpro, will build a secure email system for Brazil's federal government following media reports that foreign intelligence agencies intercepted electronic communications in the country.
The Electronic Frontier Foundation, a digital rights watchdog, says it's dropping out of the Global Network Initiative because corporate members of that group can't reveal how the government may have forced them to cooperate with surveillance programs.
The vulnerability allows attackers to abuse the vBulletin configuration mechanism to create a secondary administrative account, the researchers said Wednesday.
Cisco Systems has released security patches for authentication bypass, command execution and denial-of-service vulnerabilities affecting products that use its Adaptive Security Appliance (ASA) software, as well as the Cisco Catalyst 6500 series switches and Cisco 7600 series routers.