16-year-old security researcher Thamatam Deepak has identified a number of three cross-site scripting (XSS) vulnerabilities and a cookie handling flaw on the website of world-renowned smartphone manufacturer HTC.The expert said the vulnerabilities – which affected pages such as product security, account information, and...

W3 Total Cache, which boasts high-traffic sites like Mashable and Lockergnome among its users, has serious vulnerabilities, according to this post on the Full Disclosure list.The default setup – that is, when users simply choose “add plugin” from the WordPress catalogue – left cache directory listings enabled, according...

A Java vulnerability that hasn't yet been patched by Apple is being exploited by cybercriminals to infect Mac computers with a new variant of the Flashback malware, according to security researchers from antivirus firm F-Secure.Flashback is a computer Trojan horse for Mac OS that first appeared in September 2011. The first...

It's been more than a month since researchers reported two serious security vulnerabilities in Android, but so far there's no indication when they will be purged from the Google-spawned operating system that's the world's most popular smartphone platform.The first flaw allows apps to be installed without prompting users...