Security Alerts & News
by Tymoteusz A. Góral

History
#1841 Critical flaw in PHPMailer library puts millions of websites at risk
A critical remote code execution vulnerability in PHPMailer, one of the most widely used PHP email sending libraries, could put millions of websites at risk of hacking.

The flaw was found by a security researcher named Dawid Golunski and an initial fix was included in PHPMailer 5.2.18, which was released Saturday. However, it turns out that the patch was incomplete and can be bypassed.

The PHPMailer library is used directly or indirectly by many content management systems (CMSs) including WordPress, Joomla and Drupal. Where the library is not included in their core code, it is likely available as a separate module or can be bundled with third-party add-ons.
Read more
#1846 IoT in 2017: Why usage is going to grow, despite the security risks
#1845 This Android-infecting Trojan malware uses your phone to attack your router
#1844 CNN uses screenshot from ‘Fallout 4’ to show how Russians hack things
#1843 The biggest security threats coming in 2017
#1842 Buffer overflow explained
#1841 Critical flaw in PHPMailer library puts millions of websites at risk
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12