Microsoft has quietly issued a fix for a critical vulnerability in Windows Defender's Malware Protection Engine. The problem was discovered by the same Google researcher who found an earlier exploit.
A new Android exploit called 'Cloak and Dagger' allows attackers to add an invisible UI layer on your screen, allowing them to control your phone, log keystrokes and much more without your knowledge.
The highly infectious ransomware known as 'Wannacry', which has infected thousands of computers across the world, has evolved to combat a temporary solution discovered by researchers.
A new ransomware called Wannacry/Wanna has affected over 57,000 computers in over 70 countries. The attack has hampered organisations across the world and encrypts all files pending a ransom payment.
A flaw in Microsoft's in-house browser for Windows 10, Edge, has been discovered by a security researcher. The vulnerability would allow hackers to steal your cookie and password data.
Microsoft has issued an update to fix a flaw in its Malware Protection Engine. The flaw would have allowed for an attacker to use remote code execution, therefore putting many users at risk.
A Google security researcher has reportedly discovered a "crazy bad" vulnerability in Windows, which can easily spread. Although full details aren't available yet, a report is expected to follow soon.
It was revealed via an advisory that Intel has finally patched a security vulnerability which has been around since 2008. It affects the firm's management solutions, firmware versions 6 through 11.6.
Security researchers over at McAfee have found that attackers are exploiting an unpatched vulnerability within Microsoft Office, which allows for full control to be taken of the victim's PC.
An exploit within the web platforms of WhatsApp and Telegram was found by Check Point Security, which could allow hackers to take full control of your account just by sending an innocent-looking file.
After initial silence on the issue, Google has now put out a statement regarding the alleged CIA exploits exposed by WikiLeaks. Google says many of the issues in Chrome and Android have been fixed.
Researchers have discovered a critical issue in the popular web application framework and patched it a couple of days ago. But since then the number of attacks targeting it have gone up dramatically.
Google has publicly revealed yet another unfixed vulnerability in Microsoft's products. This time, the flaw affects Edge and IE, causing the browsers to crash along with arbitrary code execution.
Yesterday's Patch Tuesday saw numerous bug fixes and additions to many of Microsoft's operating systems. However, breaking with tradition, Microsoft released a very small number of security fixes.
Yesterday's Patch Tuesday saw the launch of a new cumulative update for Windows 10, as well as a number of security patches; they fixed critical flaws that were already being exploited in the wild.
A security researcher has found a vulnerability in Google's login pages, which could be manipulated for malware download. However, Google did not consider the issue to be alarming.
The Vine team at Twitter had a domain that allowed anybody - without authentication - to download their images for the Vine webapp. The vulnerability has since been fixed.
Old Intel code still present in UEFI firmware used by many machines has left devices open to attacks. Lenovo admits that the Secure Boot-disabling vulnerability's scope of impact is industry wide.
A security researcher has found an exploit-chain that can be used on Android devices with Qualcomm chips to break into the device's disk encryption. This exposes all of the user's data.
A zero-day vulnerability is being exploited in the wild across all platforms, as Adobe's engineers scramble to put out a patch this week. This is the third such instance in as many months.
A credible zero-day vulnerability is being auctioned off on criminal websites. The exploit can be used on all versions of Windows including 10 and can even supposedly bypass Microsoft's EMET suite.
Microsoft and Adobe are warning users against two zero-day vulnerabilities that are being used in the wild. Microsoft already patched its software with yesterday's Patch Tuesday.
The Lenovo Solution Centre, pre-bundled on almost every Lenovo PC, has been found to have a flaw that could put affected PCs at risk of attack, by allowing elevated privileges on the machine.
A severe vulnerability was recently discovered that affected Apple's OS X and iOS operating systems. It could allow for an attacker to execute arbitrary binaries and even load unsigned kernel code.
Security researcher, Chris Vickery, managed to find a publicly available server which held the details of all US voters. Luckily, public access to the database has now been cut off.
An independent researcher has uncovered a problem with the Android and browser versions of WhatsApp. An attacker can send around 4,000 smileys to their target which causes the victim's app to crash.
Recently, it was discovered that Home Hub 1000 and 2000 series routers supplied by Bell Canada were susceptible to attack via its Wi-Fi interfaces due to a flaw involving WPS.
The latest batch of security patches is now out from Microsoft and a number of them address critical vulnerabilities. As such we recommend you upgrade as soon as possible to keep your machine safe.
Lenovo, Dell and Toshiba have been found to be shipping vulnerable bundleware on their PCs. The software would allow attackers to execute code and commands with system level permissions.
According to a Reddit user, some Dell units come with a pre-installed SSL certificate, eDellRoot, that could cause potential for SSL attacks. This is familiar - a year ago, Lenovo had a similar issue.
A blogger based in Beijing has uncovered a vulnerability on how Microsoft account identifiers are retrieved in plain text; meaning when you visit Outlook.com or Calendar you could be tracked.
A new report claims that a new set of vulnerabilities, dubbed Stagefright 2.0 in the Android OS may be affecting more than a billion users and every device is susceptible to malicious attacks.
A lock screen bypass vulnerability has been discovered in Android version 5.0-5.1.1. The bypass allows an attacker to gain full access to a locked device even when encrypted.
Sony is rolling out new firmware (build 14.6.A.0.368) for some Xperia handsets - and unlike a similar update it pushed out last week, this one includes a fix for the Android Stagefright vulnerability.
It is not uncommon for Microsoft to issue security updates for its products. The latest update patches a vulnerability for Internet Explorer that spans all supported versions.
Researchers have outlined a vulnerability in the way permissions for support apps are installed by most OEMs on their Android devices which can allow for total control of a device.
After Google committed to providing monthly security updates for Nexus devices, Samsung and LG have now said that they will do the same, releasing regular patches for their Android phones and tablets.
A malicious exploit hidden in an advertisement on a Russian site allowed access to Firefox users' files and could upload data to an external server; users are advised to upgrade to new version.
The vulnerability lets an attacker take control of any device running Android 2.2 onwards using multimedia content - but while Google has had a patch since April, 95% of devices remain unprotected.
Adobe has released a security patch for its Flash Player to fix a critical security vulnerability that has apparently been exploited by a Chinese cyber-espionage group for several weeks.
Samsung has issued a statement and will begin rolling out an update for those affected with the Galaxy keyboard vulnerability. The vulnerability is thought to have affected over 600 million devices.
A recently-discovered vulnerability in Apple's Macintosh computers allows hackers to dig deep into your computer undetected and rewrite how your machine works.
In an effort to patch any possible vulnerabilities, United Airlines has launched a program which will reward up to 1 million free miles to anyone who finds a bug or security flaw in their website.
A Russian coder recently found a vulnerability in YouTube which allowed him to delete any video on the service, he also said that he was "tempted to clean up Bieber's channel" following its discovery.
Facebook has paid $12,500 to Laxman Muthiya, an Indian Security researcher for reporting a major vulnerability which could allow hackers to delete all the public photos on the social platform.
Details of another Windows vulnerability have been published by Google before Microsoft was able to release a patch, which can now be more widely exploited by anyone as a result of its disclosure.
The POODLE bug knows no bounds and has even affected the MetroTwit app, and as a result, the developers have decided to issue a hotfix for the retired Twitter client - but this is probably a one-off.
A Copenhagen-based developer has discovered a vulnerability that allows telephone numbers in Safari pages on the iPhone to automatically place calls, to any number including the expensive ones.
Multiple Mediatek-based smartphones, including the Acer Liquid E2, are automatically restarting themselves upon receiving a plain equals sign ("=") in an SMS message. However the fix is fairly simple.
Microsoft has updated the Malware Protection Engine found in many of its security programs such as Windows Defender, Security Essentials and Forefront Security, to patch a serious vulnerability.