The hardware-based encryption built into popular Western Digital external hard disk drives has flaws that could allow attackers to recover data without knowing the user password.
Adobe released a patch for a critical vulnerability in Flash Player in response to high-profile cyberespionage attacks against governmental targets.
Security researchers have identified over 4,000 iOS apps that have malicious code added by a rogue version of the Xcode development tool.
Zerodium, an exploit acquisition company, promises to pay $1 million to researchers who provide it with an exclusive, browser-based and untethered jailbreak for the latest Apple iOS 9 operating system.
A vulnerability in the iOS sandbox for third party applications, like those installed by companies on their employees' devices, can expose sensitive configuration settings and credentials.
The vulnerability allows attackers to generate rogue certificates that pass OpenSSL's validation
The vulnerability has been exploited by a China-based cyberespionage group for several weeks, security firm FireEye says.
The attackers are likely abusing Apple's iOS Developer Enterprise Program, researchers said
The update patches 13 vulnerabilities and updates the trusted root SSL certificates.
A researcher developed code that can trick Safari into showing a different URL in its address bar than the one currently loaded.
The program's developers are urging users to update to its latest version as soon as possible
A team of anonymous developers is trying to raise awareness about GPU malware.
Security researchers found nine different ways to defeat Google's Password Alert extension for Chrome.
Hackers can exploit the vulnerability to launch man-in-the-middle attacks and decrypt traffic from the affected apps.
The flaw in the AFNetworking library broke HTTPS certificate validation, enabling man-in-the-middle attacks