A privilege escalation vulnerability patched last week in Microsoft Windows and an Adobe Reader remote code execution bug fixed in a product update were both jointly targeted by a PDF-based zero-day exploit.
Multiple major operating systems and hypervisors contain a serious CPU chipset bug that could allow authenticated attackers to elevate privileges, read sensitive data in memory, and control certain low-level functions.
Last week Microsoft Corporation updated its Windows Host Compute Service Shim (hcsshim) library to correct a critical remote code execution bug caused by improper input validation when importing a container image.
Drupal announced its third critical website bug found in the last month and has issued an unscheduled security update to patch a code-execution bug that is being actively exploited in the wild.
Independent researchers collected £190,000 in bug purchases this week at the annual Pwn2Own contest at CanSecWest in Vancouver.
A new ransomware attack called Thanatos demands payment in Bitcoin Cash, which contains a decryption bug that makes it impossible for attack victims to recover stolen files, reports security researcher Malware HunterTeam.
An easy-to-exploit bug has left Tinder accounts and private chats exposed to hackers, revealed a researcher this week.
Apple just released a patch to fix its crash bug that allowed specially crafted messages to disable access to iMessage and other messaging apps.
A quirky bug in Apple's Messages application is allowing a malicious GitHub link to cause crashes and other bothersome behaviour on both macOS and iOS machines.
A reported chip flaw in Intel processors that has existed at least for the last 10 years allows software programs to access content in kernel memory and patching the bug.
A critical security bug put millions of banking app users at risk, according to researchers from the University of Birmingham.
Linux kernel security bug could have led to privilege escalation - fixed after two years as turned out worse than first thought.
Millions could have been exposed to malware bug in LinkedIn Messenger
A bug in Linux has been discovered that could allow a hacker to crash a system with just 48 characters of code.
Twitter's password recovery systems briefly contained a bug that potentially exposed the email addresses and phone numbers of about 10,000 active account-holders.
An attacker compromised a privileged account on Mozilla's Bugzilla bug tracker tool and used the gleaned information to exploit a critical bug.