Attackers can now bypass the same-origin policy in Internet Explorer with a newly discovered vulnerability that allows them to inject malicious code into any website and steal cookies.
A week of Google porn, Net Neutrality, Lollipop updates, Xbox burgers and a Wankband
The YotaPhone 2 is probably the most interesting phone since the iPhone 3G - Review
Hands On with Microsoft's wireless charging pad, the DT-903
Windows 10 for phones news
Windows 10 for phones
Hands On with Microsoft's new Comfort Headset
microsoft comfort headset
All the latest on Windows 10
Windows 10 promo
Google has taken new steps to improving the privacy of its email client, Gmail. A new security concept has been used on the client that prevents possible malicious add-ons from snooping on your email.
Hundreds of thousands of WordPress websites have been infected by malware coming from a premium plugin. This then turns these websites into a malware distribution system, upon every visit.
According to a report from a cybersecurity company, Russian hackers have been using a Windows exploit found in almost all versions of the OS to spy on important institutions and governments.
Symantec has found that a seemingly organized group of hackers, nicknamed Dragonfly, has been infiltrating energy providers by using trojans and phishing techniques. The group has yet to be caught.
Multiple Mediatek-based smartphones, including the Acer Liquid E2, are automatically restarting themselves upon receiving a plain equals sign ("=") in an SMS message. However the fix is fairly simple.
WordPress users could be left vulnerable over unsecured networks due to unencrypted cookies when logging in to the website, which means possible exposure of private emails, user settings, and more.
Two separate estimates show that around half of the servers previously affected by HeartBleed are still susceptible. The estimates show around 318,239, or 2.33% of all servers are still vulnerable.
CRA Commissioner Andrew Treusch stated that over a period of six hours, the Social Insurance Numbers of around 900 people were removed from CRA computer systems.
Significant flaw revealed in Apple iOS, and potentially also affecting Apple OSX Mavericks
A security firm has discovered a new zero-day exploit in Internet Explorer 10 and Adobe Flash that has been found on the U.S. Veterans of Foreign Wars' website and could be targeting the U.S. military
An exploit targeting the Find My Phone service on the latest iOS devices has been published. The security flaw allows for a hacker to prevent any access to the device remotely, preventing GPS tracking
Snapchat users can rest a bit easier today, as the company has finally updated its mobile apps. Folks can now opt out of the feature that was used in the exploit that exposed 4.6 million accounts.
Hackers posted up the usernames and phone numbers for 4.6 million Snapchat accounts on a website this week, thanks to exploiting a known security issue with the service that has yet to be fixed.
Microsoft has announced an expansion of its $100,000 Windows exploit bounty program to include submissions from responders and forensic experts who find these bugs in the wild.
A Google security engineer has posted evidence of a Windows zero-day exploit on a public website. Microsoft stated that it is investigating the claim but said there's no evidence it is being used.
The new Internet Explorer 8 zero-day exploit that was confirmed by Microsoft on Friday is being blamed as the cause of attacks that have created malware infections on a number of websites.
Microsoft has now released a "Fix It" patch for the exploit that was discovered last week in its Internet Explorer 6, 7 and 8 versions and is still working on a full update for those browsers.
Microsoft has finally responded to the claims that arose yesterday that said there was a flaw with Internet Explorer that would allow your mouse to be tracked.
A flaw that was discovered and disclosed to Microsoft in October has been revealed that allows anyone to track your mouse movements and Microsoft has refused to fix the issue.
Microsoft has finally patched an exploit that would turn an illegal copy of Windows 8 into a legal copy by downloading the free Windows Media Center add-on from Microsoft.
A security company called VUPEN claims to have found a zero day exploit in Windows 8 and Internet Explorer 10 and is selling that information to companies. Microsoft has no comment yet.
A new Sophos study claims that Microsoft's Bing search engine has twice as many 'poison links' as Google, with image searches in particular being plagued by Blackhole exploits and malware.
A security researcher has discovered another zero-day security exploit in Java, one that affects pretty much every Java version across every browser - putting around one billion computers at risk
Samsung has confirmed that a Galaxy S III updated to the latest software version is not vulnerable to the USSD TEL code remote wipe exploit. No word was given regarding other TouchWiz devices
An exploit has been video recorded which showcases ISOs for Metal Gear Solid: Peace Walker and Shining Blade loading and running on Sony's newest handheld console, the PlayStation Vita.
Google faces an investigation from the Federal Trade Commission over an exploit they manipulated with Safari's cookies, allowing them to track users who did not give permission to be tracked.
An Illinois woman has filed a lawsuit against LinkedIn after its password breach, citing the company's incorrect claims about its level of protection for users.
Both Microsoft and Google have sent out advisories warning users of an IE zero-day exploit that's being used to hijack Gmail accounts, with Google claiming these attacks are "state-sponsored"
A Windows hack allows a user with access to a computer to configure it to run applications on top of the login screen with administrator rights and is virtually undetectable.
Microsoft has confirmed that it has fixed an password reset exploit in Hotmail after the problem had apparently already been discovered by hackers earlier this month.
Chinese hackers have released the road map to creating an exploit code designed to go after a Windows remote desktop protocol flaw that Microsoft issued a patch for this week.
A web browser exploit that caused a flood of pornographic and violent images to be posted on the News Feeds of a number of Facebook users has now been stopped, according to the company.
A new vulnerability in OS X Lion has been discovered that allows you to bypass a password if authenticating using LDAP; Apple has reportedly confirmed the bugs existence.
According to Indian security expert Rishi Narang, popular business networking site LinkedIn has security vulnerabilities that could lead to unauthorized account access without a password. This vulnerability it just the latest in a huge string...
Mobile security is quickly becoming a hot topic as iOS and other platforms came under fire for tracking users' location, although that was quickly patched by Apple. Now, reports from the Register state that 99%...
No stranger to security scares, Adobe is once again at the center of a new potential threat to the company's Flash software for just about every platform; Windows, Linux, Mac and Android (as well as...
On the second day of the pwn2own competition in Vancouver B.C., hackers took to their devices and showed off what they have secretly been working on. After a successful first day, where we saw Safari...
Facebook has a plethora of personal information that when any exploit, no matter how small, surfaces, it can become a huge security risk. A new exploit has surfaced that allows anyone to access any photo...
Facebook is the holder of more personal data than most people will want to admit or feel comfortable sharing, so when an exploit hits the popular service, users should take notice. The newest exploit attacks...
As the cat and mouse game between Apple and the jailbreaking community continues, another exploit has been discovered that will jailbreak the iPhone 4, iPod touch 4 and iPad. The exploit was found within the...
A bug in Facebook's login system reveals your full name and profile picture, no matter how high your privacy settings are set. As spotted by The Register, it's a wonder why no one has noticed...
Apple released another update for the iPod touch, iPhone 3G, 3GS and 4 today, patching two security holes in the operating system. iOS 3.2.2 for the iPad has also been released. The update patches a security...
Apple has reportedly readied a fix for an exploit uncovered yesterday which could potentially allow hackers to gain un-permitted access to devices running Apple's mobile operating system, iOS. Apple said yesterday that it was "investigating" the...
Microsoft issued a security bulletin on Friday to warn customers of a 0-day exploit involving the Windows Shell. The vulnerability is caused due to an error in Windows Shell when parsing shortcuts (.lnk). The flaw can...
Gawker Media has uncovered a major security breach at AT&T exposing iPad owners including dozens of CEOs, military officials, and top politicians. Gawker were handed an exclusive email list based on a collection of early-adopter iPad...
A new vulnerability has been revealed today that can access your data on your iPhone, even when your phone is in a locked and un-jailbroken state. PIN codes to protect users from accessing your...
Microsoft said on Tuesday that it is investigating a publicly reported vulnerability in the Windows Canonical Display Driver (cdd.dll) affecting 64-bit versions of Windows 7 and Windows Server 2008 R2. The flaw resides in the Canonical...
As Neowin reported earlier this week, WordPress blogs were compromised on what was originally thought to be GoDaddy servers.Â Neowin spoke exclusively with Todd Redfoot, a security expert at GoDaddy, who explained the exploit. GoDaddy reassures...
After Sony released firmware 3.21 and, to the chagrin of users all over the globe, disabled the option to install a third-party OS on on the system, Geohot vowed to return the functionality to the...