Vulnerabilities & Exploits

A cross-site scripting (XSS) vulnerability found in the Jetpack plug-in of the popular content management system WordPress puts over a million websites using it at risk of getting their admin accounts hijacked.

Adobe releases a security update aimed at fixing issues with add-in installer, Adobe Connect.

Users and software vendors using the application are strongly urged to update to the latest version after discovering major vulnerabilities in the program.

Adobe is set to release a patch that addresses a critical vulnerability that is actively being exploited in the wild.

Image-processing tool ImageMagick has been found to have a bug that could expose websites to attacks, affecting sites that use the tool and those that allow image uploads.

Windows PC users are advised to uninstall Apple’s QuickTime player due to a number of critical vulnerabilities found.

Adobe is expected to release a security update on April 7 to fix a critical vulnerability that is actively exploited in the wild.

A new post on an underground cybercrime forum confirmed the theft and intent to sell stolen data of 1.5 million customers of Verizon Enterprise Solutions.

Researchers from Johns Hopkins University found a flaw that allowed an attacker to decrypt content sent through Apple’s iMessage app.