Vulnerabilities & Exploits

Researchers have discovered a vulnerability in the mail transfer agent (MTA) Exim. If exploited, attackers could execute arbitrary code on vulnerable servers remotely. Exim has already released a patch for this and urges everyone to update immediately.

An update of the Spectre attacks called SgxPectre can obtain data from Intel's SGX enclaves, which are supposedly secure repositories for sensitive and valuable data.

Vulnerabilities in Facebook’s Account Kit and how it's implemented by Tinder can potentially let hackers take over Tinder accounts using only the victim’s phone number. How can DevOps figure in the equation?

A new campaign exploiting CVE-2018-4878 involves the use of malicious spam — specifically with a spam email that with an embedded link that directs the recipient to a Microsoft Word lure document.

We delved into 2017’s most notable threats to see what lies ahead in the mobile landscape, and what users and organizations can do to navigate it in 2018 and beyond.

In a security alert posted on its website on January 31, The South Korean Computer Emergency Response Team (KR-CERT) warned of a zero-day vulnerability in Adobe Flash player that could be maliciously exploited.

New vulnerabilities in a gas station software that could allow attackers to pull off a variety of malicious attacks, which includes shutting down fuel pumps, hijacking credit card payments, and taking control of systems connected to a gas station.

In a security-related incident, a security researcher discovered a bug that allows an attacker to bypass the Uber app's two-factor authentication (2FA) feature.

A discovered bug dubbed as ChaiOS can cause the iMessage app to crash or reboot repeatedly.