Exploits

Oracle’s much-abused Java browser plugin is finally en route to its final resting place. According to Oracle, the plugin will be deprecated in the next release of Java version 9—which is currently available in an early beta stage.

The blog page of one of the leading media sites in the United Kingdom, “The Independent” has been compromised, which may put its millions of readers at risk of getting infected with ransomware.More details at the Security Intelligence Blog.

 Attackers are finding more security gaps to abuse, whether they're in existing public-facing technologies or in new developments in the Internet of Things.

Earlier this year, a PoC malware that could infect Apple Macs through a Thunderbolt accessory was introduced. The sequel to the “Thunderstrike“ exploit doesn’t need physical access and can now be delivered online—just like PC threats.

E-commerce sites have become prime targets for data thieves. The most recent incident involved Magento, eBay’s e-commerce platform.

Details on the programming languages that gets exploited the most, the reasons behind the numbers, and the downsides of using "popular" software.

The biggest incidents in the first three months of 2015 showed that even the most security-savvy users and organizations are not immune to security threats. See how they affected established security measures in the Trend Micro 2015 1Q Security Roundup.

A flaw that affects iOS devices has been discovered that allows nearby attackers to send apps, and even cause infinite reboot cycles on the iOS devices they run on, rendering them temporarily useless.

WordPress sites have recently been defaced by ISIS sympathizers who exploited known vulnerabilities on WP plug-ins. How can Web admins protect their sites from this type of attack?