While probes looking for vulnerable Apache Struts 2 deployments continue, malicious traffic has tapered off, researchers at Rapid7 said.

A look at 200 zero day vulnerabilities reveals key details on longevity, value and how long it takes to create one after a software vulnerability has been identified.

Apache administrators are urged to immediately upgrade the Struts 2 web application framework to address a remote code execution flaw under public attack.

The makers of the popular messaging app Confide said Wednesday it has patched multiple security vulnerabilities that could of allowed hackers to intercept messages sent using its secure end-to-end messaging platform.

The latest version of Firefox expands non-secure HTTP warnings, enables SHA-1 deprecation by default, and removes support for NPAPI.

WordPress released version 4.7.3 which patches six vulnerabilities including one that could be chained with the REST API Endpoint vulnerability.

WordPress released version 4.7.3 which patches six vulnerabilities including one that could be chained with the REST API Endpoint vulnerability.

Western Digital NAS owners were warned of critical flaws in the company’s My Cloud line of hardware that opened up data stored on those devices to attack.

Western Digital NAS owners were warned of critical flaws in the company’s My Cloud line of hardware that opened up data stored on those devices to attack.

A bill that would exclude organizations from prosecution for hacking back is already stirring up some concerns about potential unintended consequences.