A new browser-based phishing technique has made it harder for users to spot malicious websites, according to recent cybersecurity research. The method, known as a Fullscreen Browser-in-the-Middle ...

Researchers have devised a new attack that can bypass one of the main exploit mitigations in browsers: Address space layout randomization (ASLR). The attack takes advantage of how modern processors ...

Most browser installations use outdated versions of the Java plug-in that are vulnerable to at least one of several exploits currently used in popular Web attack toolkits, according to statistics ...

Zerodium, a company that buys and sells vulnerabilities in popular software, has published details today on Twitter about a zero-day vulnerability in the Tor Browser, a Firefox-based browser used by ...

Browser exploits continue to haunt enterprise security. In May, Microsoft patched a browser vulnerability that could allow attackers to force Edge users into Internet Explorer compatibility mode, ...

The times when exploit kits (EKs) were known to be the breeding ground of new zero-days is long gone, and most EKs nowadays live off older vulnerabilities, meaning that keeping your browser, OS, and ...

There are times when network security defenders need to compile exploit code. It is not unusual for more than a dozen new exploits against Windows and Linux machines to be released each day, and ...

Only 5 percent of actively used browser installations have the most up-to-date version of the Java plug-in, the vendor's data shows Most browser installations use outdated versions of the Java plug-in ...