Maximum-severity Flowmon flaw allows hackers to take over vulnerable devices.

A vulnerability in a popular WordPress plugin leaves the doors open for hackers, and they responded with strength.

Git's credential helper did not properly handle authentication messages, leading to credential leakage, experts warn.

Both OpenSSH bugs have been addressed, and users are advised to patch ASAP.

A zero-day vulnerability in Chrome and Chromium is leaking sensitive data – but true safety lies in broader protection tools.

The group listed partial names of 66 victims and promised to share full names soon.

Researchers are saying a PHP-CGI bug is a global problem.

RADIUS is a decades-old protocol that uses flawed cryptographic design.

More than half of Tinyproxy service hosts affected, and a patch is not yet available.

Three critical vulnerabilities were found in ownCloud open-source cloud platform used by millions of people worldwide.

A months-old vulnerability, with no fix in sight, is being abused to grab VPN passwords.

Vulnerable F5 appliances were being abused for at least three years to steal sensitive data.

Security researchers are urging SonicWall users to apply the available fix as soon as possible.

Security flaw could have granted hackers the ability to read sensitive information.

Silent patch missed some years ago, resulting in a vulnerability trickling down the supply chain.

A WordPress plugin was found allowing attackers to elevate privileges, but the hole was quickly plugged.

High-severity Google Chrome bug is already being abused - and most likely by malicious nation-states.

The Google TAG team discovered a zero-day in Zimbra that allowed hackers to steal email data.

Gladinet CentreStack and Triofox are carrying a flaw that enables RCE, but a mitigation is available.

Devs appaently don't care about exposing sensitive data on GitHub, with many compromising commits remain valid for days.

Google’s Application-Bound encryption is broken once again.

Sensitive data, including passwords and more, was sitting in plaintext, experts warn.

A bug allows threat actors to launch malicious code on Acrobat Reader remotely, and it's already being used in the wild.

The Google Chrome flaw is apparently being abused in the wild, so update now or face the risks.

There is a way to trick a device into thinking it is paired with a new Bluetooth keyboard, with Apple users most at risk.

Crooks are stealing people's credit card data and taking over ecommerce websites.

Passwords and financial data were not taken, but customers should still be on their guard.

Mastodon is giving users until February 15 to patch, after which it will release more details about the flaw.

Polyfill threat seems to be much bigger than initially thought as researchers find nearly 400,000 websites possibly affected.

A new Google Chrome bug was being used to spy on businesses.