Adobe Systems released an emergency patch for Flash Player in order to fix a critical vulnerability that attackers are already taking advantage of.
Attackers are abusing yet another widely used protocol in order to amplify distributed denial-of-service attacks: the Lightweight Directory Access Protocol (LDAP), which is used for directory services on corporate networks.
The software used to program and deploy code to various Schneider Electric industrial controllers has a weakness that could allow hackers to remotely take over engineering workstations.
The Joomla developers are warning website administrators to apply an update for the popular content management system that fixes two critical vulnerabilities.
Researchers have devised a new way to fully compromise Android devices without exploiting any software vulnerability and instead taking advantage of a physical design weakness in RAM chips.
The maintainers of Linux distributions are rushing to patch a privilege escalation vulnerability that's already being exploited in the wild and poses a serious risk to Linux based servers, desktops and other devices.
A new open-source tool called MBRFilter can protect the master boot record of Windows computers from modification by ransomware and other malicious attacks.
A feature in Intel's Haswell CPUs can be abused to reliably defeat an anti-exploitation technology that exists in all major operating systems, researchers have found.
Oracle has released another large batch of patches, fixing many critical vulnerabilities in enterprise products that are used to store and work with critical business data.
A new security audit has found critical vulnerabilities in VeraCrypt, an open-source full-disk encryption program that's the direct successor to the widely popular, but now defunct, TrueCrypt.
Attackers compromise online shops and store stolen payment-card details inside legitimate image files in order to avoid detection.
Cybercriminals have unleashed a new banking Trojan onto the Internet and it bears striking similarities to Dyre, a malware threat believed to be dead for almost a year.
Many users around the world had trouble accessing some HTTPS websites due to an error at GlobalSign, one of the world's largest certificate authorities.
Almost 6,000 online shops have been compromised by hackers who added specially crafted code that intercepts and steals payment card details.
Cisco Systems has patched a critical vulnerability that could allow attackers to gain access to Cisco Meeting Server deployments, which are used in enterprise environments for video and audio conferencing.