An Internet Explorer 8 vulnerability goes unfixed by Microsoft for more than half a year, reports the Zero Day Initiative.
Attackers can use the "Covert Redirect" vulnerability in both open-source log-in systems to steal your data and redirect you to unsafe sites.
The White House explains the government’s process when deciding whether to withhold knowledge of a security vulnerability -- “There are legitimate pros and cons to the decision to disclose.”
Adobe and Microsoft patch a critical zero-day security flaw in Adobe's Flash Player that is actively being used to target Windows users, but the bug is different from an unpatched hole in Internet Explorer.
While saying that most vulnerabilities should be revealed, the White House allows some flaws to be kept secret in the event of "a clear national security or law enforcement need," the New York Times reports.
A Bloomberg report says the agency knew about the Heartbleed security flaw that's sent sites like Google scrambling to patch their systems -- but it kept it secret and used it to spy. The agency, however, says that's not so.
Thousands of dollars have been awarded to bug hunters for the Chrome 34 release who reported 31 flaws, 19 deemed critical.
This Samsung upright has suction power, but lacks versatility
A boy works out how to get into his dad's Xbox Live account without a password. Microsoft not only plugs the flaw but appoints Kristoffer Von Hassel as a security researcher.
Mobile security remains a struggle: CanSecWest calls attention to flaws in Android and BlackBerry 10, while a newly discovered encryption weakness in iOS 7 could put iPad and iPhone owners at risk.