All blogs hosted on Google's blogspot.com domain can now be accessed over an encrypted HTTPS connection.
A tool used by millions of websites to process images has several critical vulnerabilities that could allow attackers to compromise Web servers.
The website of toy maker Maisto was infected with malicious code that distributed CryptXXX, a new and increasingly widespread ransomware program.
Researchers from security firm PhishLabs found 11 phishing applications hosted on Google Play this year, targeting users of popular online payment services.
Developers from hundreds of companies have included access tokens for their Slack accounts in public projects on GitHub, putting their teams' internal chats and other data at risk.
An Estonian man was sentenced Tuesday to 87 months in prison in the U.S. for his role in a cybercriminal operation that infected over 4 million computers with DNS hijacking malware.
A cyberespionage group active in Asia has been leveraging a Windows feature known as hotpatching in order to better hide its malware from security products.
A group of cybercriminals extorted over $100,000 from companies by threatening to launch DDoS attacks against them, without even having the capability to do so.
Attackers are using two known exploits to silently install ransomware on older Android devices when their owners browse to websites that load malicious advertisements.
The hackers who stole $81 million from Bangladesh's central bank earlier this year likely used custom malware designed to interfere with the SWIFT client software used by financial institutions.
A researcher found a PHP-based backdoor installed by hackers on one of Facebook's corporate servers.
Cisco Systems has released patches to fix serious denial-of-service flaws in its Wireless LAN Controller (WLC) software, Cisco Adaptive Security Appliance (ASA) software and the Secure Real-Time Transport Protocol (SRTP) library that's used in many products.
A security researcher has created a free security tool that can detect attempts by ransomware programs to encrypt files on users' Macs and then block them before they do a lot of damage.
A new memory scraping malware program steals payment card data from point-of-sale (PoS) terminals and sends it back to attackers using the Domain Name System (DNS).
Oracle's latest quarterly security update contains 136 fixes for flaws in a wide range of products including Oracle Database Server, E-Business Suite, Fusion Middleware, Oracle Sun Products, Java and MySQL.