21st Century Learning and Teaching

Content management system Joomla patched a zero-day vulnerability that allowed attackers to upload malicious code that led victims to the Blackhole exploit kit.

A nasty Joomla vulnerability was recently patched, but not before attackers used a zero day exploit to take over tens of thousands of sites and redirect victims to the Blackhole exploit kit, according to security company Versafe.

Most of the attacks were against financial institutions in Europe, the Middle East and Asia and stemmed from an initial attack against 100 Joomla-hosted websites.

"Watering hole" attack targets workers browsing federal government website.

Update: In an advisory published a couple of hours after this article went live, Microsoft confirmed a code-execution vulnerability in IE8. Versions 6, 7, 9, and 10 of the browser are immune to the exploit. People using IE8 should upgrade to versions 9 or 10, if possible.

After the recent discovery of a zero-day vulnerability in Oracle's Java Web Start plugin Apple and Mozilla are now disabling Java by default until fixes are made available.

Apple released a statement today acknowledging that they were victims of the same attackers that Facebook talked about last week. A zero-day Java vulnerability infected Apple Mac developers through...

According to Reuters, "Apple Inc. was recently attacked by hackers who infected the Macintosh computers of some employees".

More specifically Apple engineers had their Mac OS X laptops infected by the same zero-day Java vulnerability that infected Facebook last month.

In a statement Apple made to The Loop an Apple spokesperson said “The malware was employed in an attack against Apple and other companies, and was spread through a website for software developers.

The U.S. Department of Homeland Security is the latest body to warn users to disable Java software amid escalating concerns over a serious, exploitable vulnerability.