Lenovo admits to Superfish screw-up, will release clean-up tool
Lenovo has admitted it "messed up badly" by pre-loading software on some consumer laptops that exposed users to possible attack, and said it will soon release a tool to remove it.
Lenovo has admitted it "messed up badly" by pre-loading software on some consumer laptops that exposed users to possible attack, and said it will soon release a tool to remove it.
Microsoft patched a critical vulnerability Tuesday that put Windows computers at risk of full compromise, especially those in corporate networks.
A Chinese hacking group infiltrated the Forbes.com site in November and used it to launch targeted attacks against website visitors from U.S. banking and defense companies, a cybersecurity company said on Tuesday.
Industrial computer manufacturer Advantech has fixed a critical vulnerability in a series of devices that handle data communication for industrial equipment with serial connections and TCP/IP networks.
WordPress sites with the plug-in Fancybox-for-WordPress should apply a critical security update released Thursday that fixes a vulnerability already exploited by attackers.
Siemens released critical security patches for the firmware in its Ruggedcom WIN products which are used as broadband wireless base stations in industrial environments.
Adobe Systems has started distributing an update for the latest Flash security flaw, which is already being exploited in malicious advertising attacks.
Google has expanded its bug bounty programs to cover the company's official mobile applications, and is seeking to stimulate vulnerability research on particular products by offering money in advance to bug hunters.
A critical vulnerability in glibc, a core Linux library, can be exploited remotely through WordPress and likely other PHP applications to compromise Web servers.
The SilentText secure messaging application bundled with Blackphone had a serious vulnerability that would have allowed attackers to decrypt messages, read contact information, gather location data and even execute malicious code on the phone.
Adobe Systems started pushing a critical Flash Player patch to users who have auto-update enabled over the weekend in order to fix a vulnerability that has been exploited by attackers since last week.
Emergency updates for Flash Player released Thursday fix a vulnerability that is actively exploited by attackers, but leave a separate one unpatched.
A critical vulnerability in popular software development collaboration products by Atlassian allows attackers to compromise servers.
Oracle released new security updates for Java to fix 19 vulnerabilities and disable default support for SSL 3.0, an outdated version of the secure communications protocol that is vulnerable to attacks.
Oracle's monster batch of security updates will include a fix for a serious misconfiguration issue in its E-Business Suite product that can give hackers access to databases full of sensitive business records.