Adobe patched the Flash Player vulnerability (CVE-2018-5002) earlier on Thursday.
A critical Adobe flaw is being exploited in targeted attacks against Windows users.
An exploit allows attackers to remotely overwrite archive files with their own content, and from there pivot to achieving remote command execution on the machine.
Researchers said they now believe the malware has infected twice the number of router brands than previously stated and that the malware packs a much deadlier punch.
Remote code execution vulnerabilities dominate this month’s critical Android patches.
More than 115,000 sites are still vulnerable to a highly critical Drupal bug – even though a patch was released three months ago.
An analysis of 10,000 mobile apps has found that a significant portion of them are open to web API hijacking – thanks to inconsistencies between app and server logic in web APIs.
Facebook is again in hot water after an article alleged it struck deals with device-makers to access users’ data.
Original release date: June 04, 2018 The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information. The vulnerabilities …
Read More »
An attacker can pick up the profile picture, username and the “likes” of unsuspecting visitors who find themselves landing on a malicious website.