Researchers have demonstrated how the PC-based Rowhammer attack also works against Android devices.

A privilege escalation vulnerability, nicknamed Dirty Cow and present in Linux since 2007, has been used in public attacks against web-facing Linux servers.

The dangers of Skyping and typing, the fingerprint warrant story, hiding credit card numbers in images, and more are discussed.

An academic paper demonstrates a new ASLR bypass executed through a side-channel attack against the branch target buffer in an Intel Haswell CPU.

A study finds risky apps leave mobile devices open to SMS denial-of-service attack and remote SIM card rooting.

The FruityArmor APT group was using one of the Windows zero days patched by Microsoft last week to escape sandboxes and carry out targeted attacks.

Oracle fixed 253 vulnerabilities across 76 different products with its quarterly Critical Patch Update.

Security experts are reporting popular adult website Adult FriendFinder has been compromised by hackers who have gained access to the site’s backend servers.

Researchers say attackers are embedding malicious code in poorly configured Magento sites that hides stolen payment card data in images.

An audit of open source file and disk encryption software VeraCrypt wrapped up and a number of critical vulnerabilities uncovered in the assessment were patched.