Owners of a number of Linksys small office/home office routers have been urged last week to update their device's firmware in order patch two vulnerabilities, one of which could allow a remote, unauthenticated attacker to read or modify sensitive information on the router, and the other could allow a local attacker to read the device's password file.
Administrators of sites that run Drupal 7, and have not yet updated to version 7.32 or have done so later than 7 hours after the public revelation of the highly critical SQL injection vulnerability (CVE-2014-3704) on October 15, are advised to consider their site as potentially compromised and proceed to fix the issue.
A researcher has spotted a Tor exit node located in Russia which instead of delivering the software requested by users untouched, was adding malicious code to the binaries in question - code that made their computers open a port to send HTTP requests to and receive commands from a remote server.
Last week Apple released a new version of its operating system to consumers.
The Tor Project has released version 4.0 of its popular homonymous browser that allows users to use the Internet anonymously and privately, and to circumvent online censorship and surveillance efforts by various countries.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.