A programming flaw in the code of popular online marketplace AliExpress, which connects small Chinese businesses with international buyers and has over 7.7 million registered users, has endangered each and every one of them as it could reveal their names, shipping addresses and phone numbers to anyone who knew where to look.
Google has open source another security tool: it's called Firing Range, and it's an effective testing ground for a variety of automated web application security scanners.
Administrators of sites that run Drupal 7, and have not yet updated to version 7.32 or have done so later than 7 hours after the public revelation of the highly critical SQL injection vulnerability (CVE-2014-3704) on October 15, are advised to consider their site as potentially compromised and proceed to fix the issue.
Admins of sites that run Drupal 7 are advised to update to the latest version of the platform - version 7.32 - because it fixes a critical SQL injection vulnerability that can ultimately lead to site hijacking and data theft.
851,322 individuals who used Oregon Employment Department's WorkSource Oregon Management Information System (WOMIS) will soon be receiving notices that they information might have been compromised due to a recently discovered vulnerability.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.