The bugs could be exploited to carry out remote code execution, the deletion of files, or information leakage.
The cyberespionage campaign, named Slingshot by researchers, managed to evade detection for six years.
DDoS attacks, data breach settlements, and dark web crackdowns -- catch up on the week's infosec news with this roundup!
The Senate is expected to approve a banking bill next week that includes a provision which would make credit report freezes free.
A recently identified bug in the SAML protocol could have let attackers log in as other users.
Cryptojacking, data breach disclosure laws, and phishing -- catch up on the week's infosec news with this roundup!
Coldroot, a new strain of macOS malware that's eluded detection for more than a year has a keylogger and can gain persistence with root privileges.
Data protection jobs, Bitcoin phishing, and Amazon S3 leaks -- catch up on the week's infosec news with this roundup!
Salon unveiled a new but controversial revenue model this week: taking unused computing power on users machines to mine cryptocurrency.
Researchers said Tuesday the app was vulnerable to a right-to-left override attack, something which let attackers trick unsuspecting users into installing malware.