Microsoft has released a one-click Fix it for mitigating the effect of the IE 8 zero-day vulnerability that is being used in watering hole attacks in the wild.
Most drive-by exploit kits use a minimal exploit shellcode that downloads and runs the final payload.
ESET researchers, together with web security firm Sucuri, have been analyzing a new threat affecting Apache webservers.
If you are still using Java, you insist on updating in manually and you haven't gotten around to installing the latest Critical Patch Update released a week ago, you are advised to do it now, as an exploit for one of the vulnerabilities it patched has been incorporated into a popular exploit kit and is being actively used in the wild.
Researchers have discovered another active spamming campaign targeting Twitter users.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.