The WordPress WP HTML Mail plugin for personalized emails is vulnerable to code injection and phishing due to XSS.

A radio control system for drones is vulnerable to remote takeover, thanks to a weakness in the mechanism that binds transmitter and receiver.

New research indicates that over 80,000 Hikvision surveillance cameras in the world today are vulnerable to an 11 month-old command injection flaw. Hikvision – short for Hangzhou Hikvision ...

The Gamaredon advanced persistent threat (APT) group has been supercharging its operations lately, improving its toolset and ramping up attacks on Ukrainian national security targets.

Twitter is blasted for security and privacy lapses by the company’s former head of security who alleges the social media giant’s actions amount to a national security risk.

There are five different pillars to implement when moving to a modern, zero-trust security model. Employees are demanding that employers enable flexible workstyles. Apps are moving to the cloud. A ...

After a recent dip, ransomware attacks are back on the rise. According to data released by NCC Group, the resurgence is being led by old ransomware-as-a-service (RaaS) groups.

Campaign exploits misconfigured Docker APIs to gain network entry and ultimately sets up a backdoor on compromised hosts to mine cryptocurrency.

Threat actors have leaked 1 million stolen credit cards for free online as a way to promote a fairly new and increasingly popular cybercriminal site dedicated to…selling payment-card credentials.

From more widescale, powerful distributed denial of service (DDoS) attacks, to privacy issues in children's connected toys, here are the top IoT disasters in 2019.

Attackers can drop malware, add the device to a botnet or send their own audio streams to compromised devices.

Attackers increasingly are using malicious JavaScript packages to steal data, engage in cryptojacking and unleash botnets, offering a wide supply-chain attack surface for threat actors.