Microsoft issued a security advisory for a remote code execution (RCE) vulnerability that exists on the Windows Host Compute Service Shim (hcsshim) library, an open source tool used to import Docker containers and run on Windows systems.
Tenable Research discovered a critical remote code execution vulnerability in Schneider Electric’s InduSoft Web Studio and InTouch Machine Edition.
Security firm Trustlook has found at least 25,936 malicious apps using one of Facebook’s APIs, such as a login API or messaging API. Such malicious apps could then use and abuse a range of Facebook login profiles, such as name, location and email address, according to recent blog post.
Microsoft has released two additional Windows security updates that address the Spectre side-channel vulnerabilities that were revealed in January of 2018.
Drupal issued a security advisory (SA-CORE-2018-004) on Wednesday to address a Highly Critical Remote Code Execution vulnerability (CVE-2018-7602). It is important to note this vulnerability is being exploited in the wild. An excerpt…
A new vulnerability dubbed "Total Meltdown" was discovered last month after Microsoft issued patches to fix the previous Meltdown vulnerabilities.
A leaky Mongo database exposed nearly 25,000 personal records from a Bezop cryptocurrency server. Bezop is one of over 1,000 cryptocurrencies.
An advanced persistent threat (APT) hacking group has been exploiting an unpatched Internet Explorer (IE) vulnerability to infect Windows PCs with malware.
In an effort to protect patient safety and promote public health, the US Food and Drug Administration (FDA) released a new Medical Device Safety Action Plan.
Security researchers from Symantec have disclosed a new iOS vulnerability dubbed 'Trustjacking' that allows an attacker to exploit an iTunes Wi-Fi Sync feature and take control of a victim's device.