With its latest update, WordPress patched a vulnerability that could enable malicious plugin and theme developers to execute SQL injection attacks.
A Colombian security researcher discovered a flaw that could enable attackers to steal Windows NTLM password hashes without any user interaction.
A malicious Google Chrome extension dubbed Catch-All is using a simple phishing scheme to commit data theft against users in Brazil.
A security vulnerability in the Linux kernel could allow external attackers to escalate privileges and execute malicious code.
Researchers found that TPM chipsets manufactured by Infineon create weak RSA key information, which could enable fraudsters to compromise corporate data.
A Belgian security researcher unearthed a massive WPA2 vulnerability that affects virtually all devices that connect to Wi-Fi networks.
Cybercriminals could launch remote attacks through thermal security camera vulnerabilities. The flaw, first found in FLIR, could also expose other systems.
New malware attacks are using popular router hardware to carry out proxy-based credential stuffing. Admins should regularly install firmware updates.
A little-known PDF flaw in a parsing library that was originally discovered six years ago is also present in many contemporary and popular file viewers.
A new vulnerability called ROPEMAKER could enable threat actors to replace a benign URL with a malicious one after an email has already been sent.