WordPress security experts said that 1.5M sites have been defaced following the disclosure of a silently fixed content injection vulnerability.
Critical remote code execution vulnerabilities in PHPMailer and SwiftMailer, libraries used to send emails via PHP, were patched this week.
Researchers found a serious vulnerability in PHP code that could have allowed hackers to gain access to porn site’s private user data.
The maintainers of Debian have released new versions of the operating system to fix several vulnerabilities, including a number of bugs in PHP and an unspecified flaw in Oracle’s VirtualBox application. There are new versions of the stable and oldstable releases of Debian available, which fix the security vulnerabilities. Among the patches is one for […]
Several new versions of PHP have been released, all of which contain a number of bug fixes, most notably a patch for the so-called BACKRONYM vulnerability in MySQL. That bug in MySQL is caused by a problem with the way that the database software handles requests for secure connections. Researchers at Duo Security disclosed the […]
Seagate confirmed a publicly disclosed vulnerability in one of its network attached storage products, but said it won’t have a patch available until May.
Remote code execution vulnerabilities in Seagate Business NAS firmware were disclosed after a 100-plus day deadline passed without a fix from the vendor.
Researchers at Veracode examined whether enterprise applications were also vulnerable to the Ghost vulnerability in glibc.
Researchers at Sucuri revealed that applications such as WordPress that support PHP could also be subject to the Ghost vulnerability in glibc.
Several new versions of PHP have been released, fixing a number of security vulnerabilities and other bugs in the popular scripting language. PHP 5.6.5 is the newest version of the language, and it has patches for a handful of vulnerabilities, including a use-after-free flaw that could lead to remote code execution in some cases. “Sapi/cgi/cgi_main.c in […]