A Seattle computer security consultant says he's developed a new way to exploit a recently disclosed bug in the SSL protocol, used to secure communications on the Internet. The attack, while difficult to execute, could give attackers a very powerful phishing attack.
A hacker has posted attack code that could be used to break into a PC running older versions of Microsoft's Internet Explorer browser.
Social-networking sites MySpace and Facebook have apparently fixed coding errors that could have allowed an attacker access to all of their users' data and photos.
Sun Microsystems and Research In Motion have issued critical bug fixes for security issues with their products.
Webmasters who find an annoying error message on their sites may have caught a big break, thanks to a slip-up by the authors of the Gumblar botnet.
Cisco Systems has released its twice-yearly set of security patches for its router firmware, fixing 12 security flaws in the products.
Mozilla on Wednesday patched 10 security vulnerabilities in Firefox 3.5, all but one ranked critical, as it delivered the first update that automatically checks for outdated versions of the popular Flash Player plug-in.
Microsoft took the unusual step today and skipped patching one of the vulnerabilities addressed in its monthly security update, saying that crafting a fix was "infeasible."
Microsoft late Tuesday confirmed that a bug in Windows Vista, Windows Server 2008, and the release candidates of Windows 7 and Windows Server 2008 R2, could be used to hijack PCs.
Microsoft says that cyber-criminals are starting to exploit an unpatched bug in its IIS server software that was made public earlier this week.
A hacker has posted code that could be used to take over a system running Microsoft IIS (Internet Information Services) server.
Cisco Systems downplayed a vulnerability in some of its wireless access points, reporting Tuesday that there is no risk of data loss or interception.
More than 9 out of every 10 Windows users are vulnerable to the Flash zero-day vulnerability that Adobe won't patch until Thursday, a Danish security company said today.
In an effort to draw attention to an long-standing security problem in Apple's Mac OS X operating system, a security researcher has posted attack code that exploits the flaw.
As expected, Microsoft today patched a six week-old critical vulnerability in PowerPoint, the presentation maker that's part of the popular Office suite, using a single security update.