Backdoor vulnerability in open source tool exposes thousands of apps to remote code execution
The 2017 data breach at Equifax was possible because the company did not act to resolve a flaw in the open source Apache Struts framework.
WordPress plugin patches flaw that gave hackers potential access to 40,000 websites
The plugin Simple Social Buttons allows Wordpress users to distribute content on social media platforms. The flaw was discovered by a security developer at WebARX.
Epic Games login tokens were susceptible to theft, research shows
Researchers say it was possible to hijack old Epic Games domains and use them break into other users' accounts.
Adobe issues fix for Flash bug allowing remote code execution
Without the patch, Flash could mistakenly run a piece of code without verifying what type it is. Hackers can exploit the bug to remotely execute code.
Researchers earn thousands for exposing mobile device exploits at Pwn2Own
The competition exposed bugs in mobile devices made by Apple, Samsung and Xiaomi. Hackers went home with thousands of dollars and some sweet jackets.
Flaw in WordPress plugin allowed unauthorized admin access, backdoors
The flaw has been patched in the privacy-focused plugin WP GDPR Compliance, which has more than 100,000 downloads.