A software program shipped with some Samsung mobile devices allows access to the file system through the modem, the developers said.
The flaw could enable remote code execution attacks, the company says.
Leaked documents show the agency was planning to expand its infrastructure for active attacks since at least 2009.
The vulnerabilities don't allow remote code execution, but can be exploited to bypass other security restrictions
Attackers exploited the pingback feature in WordPress to use 160,000 WordPress sites as DDoS proxies, researchers from Sucuri said
An exploit for the SQL injection vulnerability has been publicly available for over a month, said security researchers from Sucuri
The flaws can be exploited to gain unauthorized access or cause denial-of-service conditions.
The tool can be used to add malicious functionality to legitimate applications, researchers from Symantec said.
The flaws allowed hackers to overdraw accounts on the two websites without being detected.
Attackers have used a variety of techniques to exploit known vulnerabilities in router models from different manufacturers.
Developers will need to present compelling arguments for getting their plug-ins on the whitelist, Mozilla said
The rootkit works on 32-bit and 64-bit Windows versions and protects the malware's components from being deleted.
The RSA Conference app exposes information about attendees in a SQLite database file, according to IOActive.
Researchers signed an open letter outlining 10 transparency principles for companies to regain user trust following surveillance revelations
The exploit is being distributed from many compromised websites around the world, researchers from Symantec said