An Internet Explorer zero-day vulnerability (CVE-2014-0322) is actively exploited in the wild in a watering-hole attack targeting visitors to the official website of the U.S.
During an internal assessment, Duo Security found a vulnerability in their popular WordPress two-factor authentication plugin that completely bypasses the security measures provided by it.
Kaspersky Labís security research team published a report confirming and demonstrating that the weak implementation of anti-theft software marketed by Absolute Software can turn a useful defensive utility into a powerful utility for cyberattackers.
Microsoft researchers have also recently discovered several attacks in the wild exploiting another Flash Player vulnerability (CVE-2013-5330) on Windows, Linux and OS X.
Developers working for privacy software vendor MyPermissions claim to have discovered a critical vulnerability in Facebook's code.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.