Category: Software Security

April 15, 2021

Google has just released Chrome version 90, bringing a privacy update that automatically adds HTTPS to a URL when it is available. Chrome engineers flagged the HTTPS feature in February and Google has been testing it in Chrome 90 previews […]

April 13, 2021

Adobe has released security patches tackling four critical vulnerabilities in Adobe Bridge, along with other critical and important-rated updates for bugs in Adobe Digital Editions, Adobe Photoshop and RoboHelp. In all, Adobe fixed 10 security holes in its products during […]

April 13, 2021

A researcher has dropped working exploit code for a zero-day remote code execution (RCE) vulnerability on Twitter, which he said affects the current versions of Google Chrome and potentially other browsers, like Microsoft Edge, that use the Chromium framework. Security […]

March 30, 2021

Over the weekend, attackers uploaded two malware payloads to the PHP git server, one would have created a backdoor to PHP-enabled websites. Both were found and reverted before going into production. The two commits were pushed to the php-src repository […]

March 29, 2021

Cloudflare has announced a set of new services that are intended to bolster application security by limiting API abuse. The new API Discovery and API Abuse Detection tools are designed to provide critical context for application security issues that are […]

March 26, 2021

Security researchers say a powerful new Android malware masquerading as a critical system update can take complete control of a victim’s device and steal their data. The malware was found bundled in an app called “System Update” that had to […]

March 26, 2021

OK, it’s time to head out the door, so make sure you’ve got your phone, keys, and wallet. That’s a lot of items to carry around, so what if you only had to bring your phone? After all, your keys […]

March 24, 2021

Facebook said it has disrupted a hacking operation that used the social media platform to spread iOS and Android malware that spied on Uyghur people from the Xinjiang region of China. Malware for both mobile OSes had advanced capabilities that […]

March 22, 2021

Everyone has been lecturing IT about how horrible the security is from texting numbers for authentication for years, including me. Now, due to some excellent reporting from Vice, it’s clear that the text situation is far worse than almost anyone […]

March 19, 2021

A new phishing scam is on the rise, targeting executives in the insurance and financial services industries to harvest their Microsoft 365 credentials and launch business email compromise (BEC) attacks, according to a new report from Area 1 Security. These […]