Decemberís Patch Tuesday brings us seven advisories, three of which are listed as Critical.
A programming flaw in the code of popular online marketplace AliExpress, which connects small Chinese businesses with international buyers and has over 7.7 million registered users, has endangered each and every one of them as it could reveal their names, shipping addresses and phone numbers to anyone who knew where to look.
Adam Gowdiak, CEO of Polish firm Security Explorations, has announced that his team of researchers have discovered over 30 serious security issues in the Java security sandbox of the Google App Engine (GAE), Google's popular PaaS cloud computing platform for developing and hosting web applications.
The OpenVPN Project has issued a new version of its popular open source software of the same name and is urging users to implement it, as it solves a critical denial of service security vulnerability (CVE-2014-8104).
Siemens has released an out-of-band update for the SIMANTIC WinCC SCADA system, which is integrated in its PCS7 distributed control system and its TIA Portal, engineering software for SIMATIC products that is deployed across several industrial sectors primarily in the US and Europe.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.