The update for the Mozilla Firefox browser to version 22.214.171.124 does not remove all of the vulnerabilities disclosed in the changelog, and the update introduces some new bugs.more »
Two protocol handlers give attackers the ability to inject malicious code into X Font Server (XFS). Linux systems are only vulnerable to local attacks. The X Font Server is not accessible over networks by default.more »
A Red Hat update has just been released to close various vulnerabilities in the Xen virtualization solution, one of which was caused by an error in a Python script.more »
An unknown software researcher discovered a highly critical vulnerability in the Star Office package. Manufacturer Sun has released patches to resolve the issue.more »
Four bugs have been discovered in the free Image Magick image manipulation Software and classified as highly critical by several security research services. A new version closes the security holes.more »
The KDE Display Manager (KDM) can be exploited to allow users to log in without a password. This would give users the ability to log in as other users or even root.more »
A moderately critical vulnerability was discovered in the QUtf8Decoder of Trolltech's Qt Framework.more »
The latest version of Samba, 3.0.26, removes a moderately critical vulnerability that only occurs in combination with Microsoft's Active Directory Service.more »
According to a report, many potential victims of the Heartbleed attack have patched their systems, but few have cleaned up the crime scene to protect themselves from the effects of a previous intrusion.
DARPA and NICTA release the code for the ultra-secure microkernel system used in aerial drones.
Should you trust an online service to store your online passwords?
New B+ board lets you build cool things without the complication of a powered USB hub.
Redmond rushes in to root out alleged malware haven.
New initiative will bring futuristic virtual reality effects to the web surfing experience.
Dyreza malware launches a man-in-the-middle attack that compromises SSL.
New cloud combines worldwide access with local attention to data security.
A first cousin of the recent Heartbleed attack affects EAP-based wireless and peer-to-peer authentication.
FOSS community acts to protect freedom of choice for laptop devices.