The US National Security Agency (NSA) knew of the Heartbleed flaw in the widely used OpenSSL security tool and exploited it for year - instead of blowing the whistle so that the patch could be flawed....
The group has threatened to sell Madonna's legal documents in a future auction
Improper usage was identified as the most common attack vector last year
Redesigned for stealth and adaptability, data-stealing Valak malware targets Microsoft Exchange Server in enterprises
Valak has been rapidly reconfigured for data exfiltration and has been spotted targeting US and German enterprises
'If you pick any random PHP library it more than likely has a flaw,' says Veracode's Chris Eng