The new Flash Player update patches 12 vulnerabilities, many of which could allow remote code execution
Users of Enigmail 1.7 are advised to upgrade to version 1.7.2 as soon as possible
A new version of the Dyreza online banking Trojan is stealing Salesforce.com log-in credentials
Phishing emails masquerade as security alerts from Apple about rogue iTunes purchases, researchers from Symantec said
The new malware program is an OS X version of a Windows backdoor called XSLCmd, researchers from FireEye said.
LinkedIn now allows users to see and terminate their authenticated sessions from multiple devices
WordPress admins should check if their sites use the Slider Revolution plug-in and update it immediately, researchers said
The company will pay researchers at least $140 for privately reporting serious vulnerabilities in its Web services and mobile apps
Attackers use cross-site request forgery techniques to change router settings when users visit malicious websites
New attacks with the Angler exploit kit inject code directly in browser processes without leaving files on disk, a researcher found.
Attackers are using a sophisticated Web-based tool to gather information on potential targets, researchers from AlienVault said
The gang behind this dangerous ransomware program has earned US$1 million so far, researchers from Dell SecureWorks said
It's the second database exposure incident reported by the organization in a month, but the passwords were encrypted.
The number of vulnerabilities could reach a three-year low in 2014, but correctly assessing their risk can be hard, IBM researchers said
Attackers redirected users to Web-based exploits by pushing malicious advertisements onto popular sites, researchers from Fox-IT said