Millions of Unpatched IoT, OT Devices Threaten Critical Infrastructure

Industrial, factory and medical gear remain largely unpatched when it comes to the URGENT/11 and CDPwn groups of vulnerabilities. Continue reading Millions of Unpatched IoT, OT Devices Threaten Critical Infrastructure

2 More Google Chrome Zero-Days Under Active Exploitation

Browser users are once again being asked to patch severe vulnerabilities that can lead to remote code execution. Continue reading 2 More Google Chrome Zero-Days Under Active Exploitation

LinkedIn, Instagram Vulnerable to Preview-Link RCE Security Woes

Popular chat apps, including LINE, Slack, Twitter DMs and others, can also leak location data and share private info with third-party servers. Continue reading LinkedIn, Instagram Vulnerable to Preview-Link RCE Security Woes

Microsoft IE Browser Death March Hastens

Internet Explorer redirects more traffic to Edge Chromium browser as Microsoft warns of the upcoming demise of the once dominant browser. Continue reading Microsoft IE Browser Death March Hastens

Mobile Browser Bugs Open Safari, Opera Users to Malware

A set of address-spoofing bugs affect users of six different types of mobile browsers, with some remaining unpatched. Continue reading Mobile Browser Bugs Open Safari, Opera Users to Malware

It’s No ‘Giggle’: Managing Expectations for Vulnerability Disclosure

Vulnerability-disclosure policies (VDPs), if done right, can help provide clarity and clear guidelines to both bug-hunters and vendors when it comes to going public with security flaws. Continue reading It’s No ‘Giggle’: Managing Expectations for Vulnerability Disclosure

WhatsApp Discloses 6 Bugs via Dedicated Security Site

The company committed to more transparency about app flaws, with an advisory page aimed at keeping the community better informed of security vulnerabilities. Continue reading WhatsApp Discloses 6 Bugs via Dedicated Security Site