While testing of the systems and networks of a financial services company, a team of penetration testers from Offensive Security have unearthed a number of vulnerabilities, including three privilege escalation zero-day bugs affecting Symantec Endpoint Protection, the firm's security software of choice.
Bromium Labs analyzed public vulnerabilities and exploits from the first six months of 2014.
Tails, the security-focused Debian-based Linux distribution favoured by Edward Snowden, journalists and privacy-minded users around the world, sports a number of critical vulnerabilities that can lead to the user's identity to be discovered by attackers.
A Romanian hacking community has discovered and responsibly reported a critical SQL injection vulnerability found in the latest version (5.1.2) of the popular web forum software vBulletin.
Google has announced the launch of Project Zero, a dedicated internal team that will concentrate on finding zero-day vulnerabilities in Google's and third-party software so that they can be patched before malicious actors have a chance of misusing them.