A Romanian hacking community has discovered and responsibly reported a critical SQL injection vulnerability found in the latest version (5.1.2) of the popular web forum software vBulletin.
Google has announced the launch of Project Zero, a dedicated internal team that will concentrate on finding zero-day vulnerabilities in Google's and third-party software so that they can be patched before malicious actors have a chance of misusing them.
Given that Microsoft has closed the Internet Explorer 0-day vulnerability that was exploited to compromise US-based defense and financial firms, the Sourcefire vulnerability research team has decided to share some more details about the exploit.
Microsoft has issued an out of band security update to patch the zero day vulnerability that affects all versions of Internet Explorer and is being actively exploited in the wild in targeted attacks seemingly directed against US-based defense and financial firms.
Adobe has pushed out new versions of Flash Player for Windows, Mac and Linux, as a newly discovered zero-day vulnerability affecting the software is being actively exploited in the wild.