Victims of the massive Equifax breach may have to wait days to find out if they were impacted.
A new variant of the banking trojan Dridex is part of a sophisticated phishing attack targeting users of the cloud-based accounting firm Xero.
Microsoft is opting to stand pat and not fix a content security bypass vulnerability in its Edge browser, something researchers warn could potentially lead to the disclosure of confidential information.
Researchers find six previously unknown memory corruption and unlock-bypass vulnerabilities in major chipset vendors’ firmware code.
Google fixed 81 vulnerabilities, including 13 critical remote code execution bugs, in the September edition of its Android Security Bulletin on Tuesday.
The Apache Software Foundation released a patch on Tuesday for a critical vulnerability impacting all versions of Struts since 2008.
The Onliner spambot, Google’s forthcoming Not Secure warnings for Chrome, the WireX botnet, Sarahah privacy and more are discussed.
Researchers identified a vulnerability in National Instruments’ LabVIEW software that will not receive patch by the vendor.
GitLab, the popular web-based Git repository manager, fixed a vulnerability recently that could have opened its users up to session hijacking attacks.
Trivially exploitable vulnerabilities in several Arris home modems, routers and gateways distributed to consumers and small businesses through AT&T’s U-verse service have been discovered.