Twitter is blasted for security and privacy lapses by the company’s former head of security who alleges the social media giant’s actions amount to a national security risk.

Campaign exploits misconfigured Docker APIs to gain network entry and ultimately sets up a backdoor on compromised hosts to mine cryptocurrency.

A radio control system for drones is vulnerable to remote takeover, thanks to a weakness in the mechanism that binds transmitter and receiver.

New research indicates that over 80,000 Hikvision surveillance cameras in the world today are vulnerable to an 11 month-old command injection flaw.

Instances of phishing attacks leveraging the Microsoft brand increased 266 percent in Q1 compared to the year prior.

Bad actor obtained passwords for servers, home routers, and smart devices by scanning internet for devices open to the Telnet port.

Infosec expert Rani Osnat lays out security challenges and offers hope for organizations migrating their IT stack to the private and public cloud environments.

A proof-of-concept attack has been pioneered that “fully and practically” breaks the Secure Hash Algorithm 1 (SHA-1) code-signing encryption, used by legacy computers to sign the certificates ...

Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system.

The first half of 2021 saw 1.5 billion attacks on smart devices, with attackers looking to steal data, mine cryptocurrency or build botnets.

More than 380,000 of the 450,000-plus servers hosting the open-source container-orchestration engine for managing cloud deployments allow some form of access.

The WordPress WP HTML Mail plugin for personalized emails is vulnerable to code injection and phishing due to XSS.