A flaw in the GRUB2 bootloader allows hackers to bypass Secure Boot on billions of systems
BootHole is a silent killer for a widely-used security feature
Vulnerability articles
Two new Intel CPU flaws make it easy for hackers to extract sensitive data
Intel's SGX is a leaky chip
Researchers found a new Bluetooth bug that allows hackers to impersonate a trusted device
Billions of Bluetooth devices are affected
Apple: There is "no evidence" that iPhone Mail vulnerabilities have been exploited in the wild
The company's own investigation arrived at a different conclusion
iPhone's Mail app has two severe "zero-click" vulnerabilities that have existed for 8 years
A fix is coming in iOS 13.4.5
Microsoft reports new zero-day vulnerability in Windows that is being actively exploited
Two new remote code execution vulnerabilities have surfaced
Intel CPUs are vulnerable to new "LVI" attack that breaks the secure enclave of the CPU
Something worse than the infamous Meltdown does exist
Intel CSME vulnerability allows hackers to break encryption and DRM
Researchers say the issue is unfixable without replacing the hardware
Researcher says millions of IoT and surveillance devices that use HiSilicon chips have a trivial backdoor
The Chinese giant has another hot potato on its hands
WhatsApp desktop app vulnerabilities led to remote file access, code execution
One discovery led to the next
Twitter fixes flaw in its API that allowed attackers to match users to their phone numbers
The social giant believes state-sponsored actors may have already used it
Google paid researchers $6.5 million in bug bounties last year
The largest single reward was $201,337
Researchers disclose new CacheOut attack that targets Intel processors
Intel says a fix is coming soon
Mozilla releases patch for a severe vulnerability in Firefox that's being actively exploited
Stop what you're doing and update Firefox
TikTok vulnerabilities could allow hackers to get access to your personal data through SMS messages
One less reason to rely on the convenience of SMS-based magic links
A flaw in Twitter's Android app allowed a researcher to match 17 million phone numbers with users
The exposed accounts include high-profile politicians and celebrities
WhatsApp bug allows complete control of group chats, crashing the app
The latest update fixes the issue
Several high profile Android apps still have vulnerabilities discovered years ago
Messenger, Instagram and WeChat are among hundreds of unpatched apps
Hackers can use a WhatsApp flaw in the way it handles video to take control of your phone
Facebook fixed the issue in the latest app update
Vulnerability discovered in Ring doorbells that leaked network credentials
The security hole has been patched
SRLabs finds new smart speaker vulnerabilities that turn them into spying devices
The same technique can be used to trick users into revealing their password
Researchers discover major flaw in PDF encryption standard
Attacks can exfiltrate data from encrypted PDF files
New iPhone bootROM exploit might lead to permanent jailbreak on hundreds of millions of devices
Exploit cannot be patched without a hardware update
Microsoft issues patch for Internet Explorer zero-day
It's being actively exploited in the wild
Apple accuses Google's Project Zero of creating unfounded fears around recently disclosed iPhone vulnerability
The companies are engaged in a public feud