Vulnerabilities in Apache Tomcat, which is deemed as the world's most widely used web application server used in over 70 percent of enterprise data centers, were uncovered.
A fake Wordpress plugin containing a backdoor and three zero-day vulnerabilities—all affecting the high-profile blogging platform WordPress—were recently discovered.
A security researcher found a remote code execution exploit that can potentially take over a range of devices with Broadcom Wi-Fi chips. The exploit is rooted in a vulnerability with the chip's firmware, similar to the Broadpwn exploit.
A remote access and command execution vulnerability (CVE-2016-10176) was recently seen actively exploited by RouteX, a malware that targets Netgear routers.
Using a Bluetooth-enabled device? You might want to check if you're leaving the Bluetooth connection turned on. It may be vulnerable to malware attacks that can remotely take over it.
Standard maintenance policies leave machinery vulnerable to attack. Both hardware and software are vulnerable when normal operations and security protocols are paused or switched to another mode so that updates or fixes can be applied.
Major events shook the global threat landscape in the first half of 2017. Our midyear security roundup covers the old and the new, from ransomware and BEC scams to potential attacks against industrial robots.
A critical Remote Code Execution (RCE) vulnerability was recently discovered in Apache Struts 2, and it has potential to be more damaging than its predecessors, including even the notorious POODLE.