New security patches for Google's Nexus devices address seven vulnerabilities, two of which are critical and could allow for remote code execution when processing media files.
A software development kit created by Chinese Internet services company Baidu and used by thousands of Android applications contains a feature that gives attackers backdoor-like access to users' devices.
Researchers from Kaspersky Lab and the Dutch Public Prosecution Service have obtained the last set of encryption keys from command-and-control servers that were used by CoinVault and Bitcryptor, two related ransomware threats.
The Xen Project fixed several vulnerabilities in its popular virtualization software, including one that could allow potential attackers to break out of a virtual machine and gain control over the host system.
Hackers infect MySQL database servers with a malware program that's used to launch distributed denial-of-service (DDoS) attacks.
Google wants Symantec to publicly disclose all the certificates it issues and to undergo a third-party security audit after an incident involving the CA issuing unauthorized certificates as part of internal testing.
The U.S. Copyright Office added security research on cars and medical devices to the list of exemptions from the rules prohibiting the circumvention of access controls that are used to protect works.
South Korean organizations are being targeted in attacks with a new stealthy backdoor program that gives attackers full access to infected computers.
Less than four hours after a critical vulnerability was patched in Joomla, security firms already detected attacks exploiting the flaw.
The head of a German Federal Chancellery unit reportedly had his laptop infected with Regin, a cyberespionage program believed to be used by the U.S. National Security Agency and its closest intelligence allies.
A Russian cyberespioange group tried to infiltrate the international investigation into the crash of Malaysia Airlines Flight 17 (MH17) that was shot down by a missile over Ukraine in July 2014.
A recently detected distributed denial-of-service (DDoS) attack was launched from 900 compromised CCTV cameras that were hijacked by hackers.
Mozilla is considering banning digital certificates signed with the SHA-1 algorithm in July 2016.
Oracle fixed a vulnerability in Java that a Russian cyberespionage group used to launch stealthy exploits against NATO member countries earlier this year.
The hardware-based encryption built into popular Western Digital external hard disk drives has flaws that could allow attackers to recover data without knowing the user password.