The two vulnerabilities affect Rails applications that use PostgreSQL as a database system
Cisco released new software versions to fix the issue and patch another serious vulnerability
Attackers could exploit a flaw in the MailPoet Newsletters plug-in to take full control of vulnerable blogs, researchers from Sucuri said
The company claims its product reduces cyber incident response times by up to 95 percent
The next security notifications will go out Thursday ahead of monthly security patches
The Emotet malware can sniff information even from HTTPS connections, researchers from Trend Micro said.
The new Selfmite Android malware spreads by sending text messages with a malicious link to the device owner's contacts
The company updates the version of Struts included in its vCenter Operations Management Suite product.
An API and mobile app loophole allowed access to 2FA-enabled accounts with only a user name and password, researchers from Duo Security said
Despite visible progress 2,000 servers with large amplification factors remain, a security vendor reports
Rootkits are again on the rise with the number of new samples reaching levels not seen since 2011, a McAfee report said
Attackers compromised ICS/SCADA vendor sites and altered software downloads to distribute the malware, researchers from F-Secure said
The Syrian Electronic Army compromised a third-party widget to redirect some Reuters.com visitors to a defacement page
Developers of the Modern Honey Network want to simplify deployment and monitoring of these threat-intelligence systems
A new version of Android for Nexus devices is primarily a security update that patches the bundled OpenSSL library