Security News

From a backdoor placed in the Webmin utility to vulnerability disclosure drama around zero-days in Valve's Steam gaming clients, Threatpost breaks down this week's top stories.

Backdoor was intentionally planted in 2018 and found during the DEF CON 2019 security conference when researchers stumbled upon malicious code.

A Ruby software package that contained a malicious backdoor has been removed from the Ruby Gems repository after compromising over ten libraries. Called rest-client, the gem was designed to help...

Following the public disclosure of a critical zero-day vulnerability in Webmin last week, the project's maintainers today revealed that the flaw was not actually the result of a coding mistake...

If you own a device, or a hardware component, manufactured by ASUS, Toshiba, Intel, NVIDIA, Huawei, or other 15 other vendors listed below, you're probably screwed. A team of security researchers...

Pakistani bloke extradited to US, accused of masterminding telco hack caper AT&T staff were bribed $1m to slip the codes to unlock two million smartphones to a gang operating out of Pakistan, US...

Pakistani bloke extradited to US, accused of masterminding telco hack caper AT&T staff were bribed $1m to slip the necessary codes to unlock two million smartphones to a gang operating out of...

The hugely popular gaming site Club Penguin Rewritten suffered a data breach that exposed 4m user accounts.

As politicians should know by now, secure messaging apps such as Telegram can quickly become a double-edged sword.

Back in January, two senior GCHQ officials proposed a specific backdoor for communications systems. It was universally derided as unworkable -- by me, as well. Now Jon Callas of the ACLU explains why....