Facebook Messenger Platform Launches at F8 Developer Conference

Yesterday at its annual F8 Developer Conference in San Francisco, Facebook officially turned its Messenger app into a Platform. Facebook's Messenger Platform allows third-party app developers to integrate their apps with Facebook messenger app. However, other popular messaging apps are already...

[SECURITY] Fedora 20 Update: qt-creator-3.2.2-2.fc20

Qt Creator is a cross-platform IDE integrated development environment tailored to the needs of Qt developers...

libzip -- integer overflow

libzip developers report: Avoid integer overflow. Fixed similarly to patch used in PHP copy of libzip...

Mozilla Pushes Hot Fix to Remove Superfish Cert From Firefox

Mozilla has issued a hot fix for Firefox that removes the Superfish root certificate from the browser’s trusted root store. The patch only removes the certificate if the Superfish software has been removed from the machine already, however. The Superfish adware performs SSL interception–essential...

Google releases Cloud-based Web App Vulnerability Scanner and Assessment Tool

Google on Thursday unleashed its own free web application vulnerability scanner tool, which the search engine giant calls Google Cloud Security Scanner, that will potentially scan developers' applications for common security vulnerabilities on its cloud platform more effectively. SCANNER ADDRESSE...

Windows Phone 8.1 Hacked

Do you wanna hack Nokia Lumia phone running the latest mobile operating system Windows 8.1 ?? Hackers have made it very easy for you all..!! Just few weeks after Microsoft announced a 19 year-old critical security hole existed in almost every version of its Windows operating system, XDA-developer...

DSA-3060-1 linux - security update

Bulletin has no description...

Twitter Launches Digits – A Password Free Login Service For App Developers

There’s a good news for app developers. On Wednesday at Twitter’s first annual developer conference Flight, the company announced a new tool for developers which will allow users to log-in to mobile applications using their phone numbers rather than a traditional username and password combination...

WPScan Vulnerability Database WordPress Security Resource

WordPress’ popularity as a content management system 44 percent of CMS market share is matched in parallel by the number of security vulnerabilities afflicting the open source platform, as well as its versatile plug-ins and themes. It’s not unlikely that a developer may be at a loss as to the...

Second jQuery Hack of Week Reported

Update A day after a compromise of the jQuery website was disclosed, the open source JavaScript library is dealing with a second attack. JQuery Foundation board member Ralph Whitbeck confirmed via email to Threatpost that a new compromise was under way and the organization was taking steps to...

jQuery Official Website Compromised To Serve Malware

The official website of the popular cross-platform JavaScript library jQuery jquery.com has been compromised and redirecting its visitors to a third-party website hosting the RIG exploit kit, in order to distribute information-stealing malware. JQuery is a free and open source JavaScript library...

OWASP Releases Latest App Sec Testing Guide

Advocates with the web application security consortium OWASP published the latest iteration of its Testing Guide this week. The guide, celebrating its 10th anniversary this year, is an informational manual designed to teach developers how to build and maintain secure applications in the face of...

New Initiative Simply Secure Aims to Make Security Tools Easier to Use

The dramatic revelations of large-scale government surveillance and deep penetration of the Internet by intelligence services and other adversaries have increased the interest of the general public in tools such as encryption software, anonymity services and others that previously were mainly of...

CVE-2014-5681

The XDA-Developers aka com.quoord.tapatalkxda.activity application 3.9.8 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

Information disclosure

The XDA-Developers aka com.quoord.tapatalkxda.activity application 3.9.8 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

CVE-2014-5681

The CVE-2014-5681 entry concerns the XDA-Developers Android app (package com.quoord.tapatalkxda.activity, version 3.9.8) failing to verify X.509 certificates from SSL servers. This weakens TLS and enables man-in-the-middle attackers to spoof servers and access sensitive information via a crafted ...

CVE-2014-5681

The XDA-Developers aka com.quoord.tapatalkxda.activity application 3.9.8 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

Android browser vulnerability Cheetah, 3 6 0, surf, etc. are affected-vulnerability warning-the black bar safety net

It is reported that the vulnerability is exposed after, the black bar safety net vulnerability reporting platform for this vulnerability has been tested, found that the vulnerability can be when a user visits a malicious web site that quietly steal the user the access to the site within the...

Mozilla MDN Password Disclosure Affects 76,000 Developers

Some members of the Mozilla Developer Network are being advised to change their passwords after email addresses and encrypted credentials were disclosed on a public server. Mozilla director of developer relations Stormy Peters said the organization has been investigating the disclosure for 10 day...

Android new vulnerability exposure: hack may fake and authentic applications-vulnerability warning-the black bar safety net

Ticker 7 on 3 0 September morning news, on Tuesday released a study on the display, the Google Android operating system has a security vulnerability that can allow a hacker to fake a trusted formal application, thereby hijacking the user's smartphone or tablet. The security company Bluebox Securi...