Don't-Miss Security Stories
An increasing number of iOS application developers use a technique that allows them to remotely modify the code in their apps without going through the official app store's review process, an action that poses security risks for users.
Google Chrome can mark unencrypted sites with a red "X," but only as an optional feature for now.
Google's VirusTotal service has added a new tool that analyzes firmware, the low-level code that bridges a computer's hardware and operating system at startup.
Next year, the Java browser plug-in, which is frequently the target of Web-based exploits, will be retired by Oracle.
A new Android ransomware app called Lockdroid.E is abusing system dialogs to hijack user clicks and grant itself administrator privileges.
Tails 2.0 is out with improved features, a new desktop shell, and an easier way for new users to install the OS.
PayPal has fixed a serious vulnerability in its back-end management system that could have allowed attackers to execute arbitrary commands on the server and potentially install a backdoor.
Lenovo has patched several software flaws in a file-sharing utility, which could allow attackers to browse and make copies of files.
An online advertising company has fixed a vulnerability in its platform that could have allowed hackers to steal information from a large number of users.
Consumers should have the right to inspect the source code for connected devices they own, to ensure it doesn't contain bugs or backdoors, one U.S. Federal Trade Commissioner believes.
Around two dozen U.S. government departments and federal agencies are being questioned by the U.S. Congress on whether they were using backdoored Juniper network security appliances.
Windows Defender has risen from dead last in independent testing to somewhere in the middle, actually outperforming some paid competitors.
The latest patches for the Magento e-commerce platform fix critical vulnerabilities that could allow attackers to hijack administrative accounts.
A years-long campaign of seemingly disparate cyberattacks against Tibetan and Uyghur activists likely comes from a single group of hackers, according to a seven-month study by Palo Alto Networks.
Network security vendor Fortinet has identified an authentication issue that could give remote attackers administrative control over FortiSwitch, FortiAnalyzer and FortiCache devices.