Not long ago, miscreants who wanted to buy an exploit kit — automated software that helps booby-trap hacked sites to deploy malicious code — had to be fairly well-connected, or at least have access to ...

I have long urged readers who have no need for Java to remove the program, because failing to keep this software updated with the latest security patches exposes users to dangerous, ubiquitous attacks ...

How much would a government be willing to pay for hacking tools designed to exploit the systems that control oil, gas and water plants? In many cases, they needn't pay much at all. Whilst weaknesses ...

A vulnerability research company in Argentina has fitted an Oracle database rootkit into its zero-day exploit pack, adding a stealthy new danger to enterprise systems. The rootkit, which is available ...

Users who visit AskMen.com, a men’s entertainment and lifestyle portal, are being hit with malicious code – possibly stemming from the Nuclear Pack exploit kit – researchers announced today. Users who ...

The creator of the infamous Eleonore exploit pack has released a new version of the attack toolkit, adding some new exploits, including one for a zero day vulnerability. The new version of Eleonore is ...

This week we have detected another interesting attack vector. This time cybercriminals are using an interesting technique for hiding malicious Javascripts and employ implicit iFrame injection. At this ...

eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. Retailers are seeing an uptick in Web attacks driven ...

If you still need a reason to patch that installation of Adobe Reader, pay close attention to this discovery by Secure Computing's anti-malware research labs. The group has stumbled upon an exploit ...

A Russian security company plans to release an upgraded exploit pack for industrial control software that incorporates a raft of new vulnerabilities released by an Italian security researcher. The ...

Another day, another Apex Legends exploit. This time, players who use the little workaround can obtain the Origin Access pack, which will net them 1,000 Apex coins, a special Banner Badge, and a ...

Researchers discovered a type of issue that is called a cross site scripting vulnerability (XSS). It can generally involve a compromised input interface. So anywhere that a user can input and upload ...