Thunderspy attacks: What they are, who’s at greatest risk and how to stay safe
All you need to know about preventing adversaries from exploiting the recently disclosed vulnerabilities in the Thunderbolt interface
All you need to know about preventing adversaries from exploiting the recently disclosed vulnerabilities in the Thunderbolt interface
The company urges organizations to waste no time in installing updates to fix the vulnerability that rates a ‘perfect’ 10 on the severity scale
The vulnerability exposed Zoom users running Windows 7 or earlier OS versions to remote attacks
A study paints a dim picture of router security, as none of the 127 devices tested was free of severe vulnerabilities
The vulnerability, which received the highest possible severity score, leaves thousands of devices at risk of being taken over by remote attackers. A patch is available.
The out-of-band update plugs two remote code execution bugs in the Windows Codecs library, including one rated as critical
Devices used in the energy, transportation and communications sectors are also affected by the flaws in the TCP/IP software library
The latest Patch Tuesday knocks out a record-high number of vulnerabilities, including new bugs in the SMB protocol
The browser maker rolls out updates on back-to-back days, including a patch to avoid unintentionally overloading DNS providers
The tech giant rewards the bug bounty hunter who found the severe flaw in its login mechanism with US$100,000
Left unpatched, the vulnerability could expose almost all Android users to the risk of having their personal data intercepted by attackers
As many as 30 different smartphones, laptops and other devices were tested – and all were found to be vulnerable
Another vulnerability in the same Windows component was abused by Stuxnet a decade ago
A new attack method enables bad actors to access data on a locked computer via an evil maid attack within 5 minutes
An unknown threat actor is exploiting vulnerabilities in plugins for which patches have been available for months, or even years
Microsoft plugs a security hole that could have enabled attackers to weaponize a GIF in order to hijack Teams accounts and steal data
A pair of vulnerabilities in the default email app on iOS devices is believed to have been exploited against high-profile targets
In worst-case scenarios, some vulnerabilities could even allow attackers to take control over the central units and all peripheral devices connected to them
Updates for the critical-rated vulnerabilities, which are being actively exploited in the wild, are still weeks away
NordVPN praised its bug bounty program and said that a fix had been shipped within two days