PC maker Lenovo is recommending users remove an application preloaded on their computers because it contains a high-severity flaw that could allow attackers to take over their systems.
A hacker is trying to sell a zero-day privilege escalation exploit that allegedly affects all Windows versions and bypasses all common exploit mitigations on a cybercrime forum.
Security researchers have found serious flaws that could lead to full system compromises in the software update tools installed on computers by five PC manufacturers.
A hacker is selling 65 million email addresses and hashed passwords stolen from Tumblr in 2013.
Owners of WordPress-based websites should update the Jetpack plug-in as soon as possible because of a serious flaw that could expose their users to attacks.
Malware links suggest that North Korean hackers might be behind recent attacks against several Asian banks, including the theft of $81 million from Bangladesh central bank earlier this year.
Up to 12 banks have reportedly launched investigations into potential security breaches on their networks after hackers stole $81 million from the Bangladesh central bank earlier this year.
A Romanian hacker known online as Guccifer pleaded guilty to hacking into 100 email and social media accounts belonging to American citizens, including former high-ranking government officials.
The explosion of new generic top-level domains (gTLDs) in recent years can put enterprise computers at risk due to name conflicts between internal domain names used inside corporate networks and domains that can now be registered on the public Internet.
A new ransomware program called DMA Locker has reached maturity and shows signs of being distributed in widespread attacks.
It took hackers less than two weeks to integrate a recently patched Flash Player exploit into widely used Web-based attack tools that are used to infect computers with malware.
Routers and other wireless devices made by Ubiquiti Networks have been infected by a worm that exploits a one-year-old remote unauthorized access vulnerability.
Cisco Systems has fixed four denial-of-service vulnerabilities that attackers could exploit to cause Web Security Appliance devices to stop processing traffic correctly.
Victims of the widespread TeslaCrypt ransomware can now decrypt files affected by recent versions of the malicious program.