- ATM skimmer that never touches the ATM, Krebs on Security
- Data theft vulnerability in Android 2.3 not plugged, The H Open
- Microsoft warns of browser security flaw, BBC
- PostgreSQL security update fixes a buffer overrun, The H Security
- Exim update closes vulnerability, The H Security
- DDoS attacks exceed 100Gbps for the first time, Slashdot
- CouchDB update fixes cross-site scripting vulnerability, The H Open
- Google offering hefty bounty for break of Chrome’s sandbox, Zero Day at ZDNet
- Mailing list program, majordomo, reveals file contents, The H Security
- Adobe’s Reader X spoils new PDF attack, Slashdot