Security News

Several new versions of PHP have been released, all of which contain a number of bug fixes, most notably a patch for the so-called BACKRONYM vulnerability in MySQL. That bug in MySQL is caused by...

A third party operator of concessions and retail services at zoos from Hawaii to Florida acknowledged this week that it was hit by a data breach earlier this year.

The Linux Foundation's Core Infrastructure Initiative announced it was releasing to open source data from the Census Project, which uses metrics identify under-resourced open source projects at risk.

Dennis Fisher and Mike Mimoso discuss the Hacking Team hack and the continued fallout from the OPM breach.

Security researchers and software vendors have spent decades trying to work out the process of vulnerability disclosure, with limited success. Now the federal government is joining the fray in...

The ever-expanding data breach at the Office of Personnel Management has now spread to include the Social Security numbers and other personal data of a total of 21.5 million people. The new total...

Security company Volexity said that the Wekby APT group, allegedly responsible for hitting Community Health Systems last year, is using the Hacking Team Flash Player zero-day exploit.

A high-severity bug in OpenSSL was disclosed today, and it affects only organizations that installed an update released in June, and allows anyone with an untrusted TLS certificate to become a CA.

There’s a severe vulnerability in the way that all versions of Android handle the restoration of backups that can allow an attacker to inject a malicious APK file into the backup archive. The bug...

A new, recently uncovered operation has purportedly been mutating versions of ransomware to better avoid getting detected.