Security News

A massive malware campaign has already infected 250 million Windows and Mac OS computers worldwide.

More than 1,000 mobile apps are leaking personal information via unsecured backend platforms such as MongoDB, MySQL and others.

A crowdfunding effort to buy a subscription to the ShadowBrokers' Monthly Dump Service of stolen exploits and data was shut down citing legal and ethical concerns.

A breach at OneLogin appears to have compromised customer data, including the ability to decrypt encrypted data.

Senators introduced a bill last week to establish a bug bounty pilot program within the Department of Homeland Security.

A high-severity vulnerability in sudo has been patched in a number of Linux distributions; the flaw allows local attackers to elevate privileges to root.

Cisco is prepping fixes for two of its products affected by last week's Samba vulnerability. Netgear has also pushed out a fix for NAS devices that were affected.

Google announced today new security features in Gmail, including the news that it will enhance early phishing detection in Gmail through dedicated machine learning.

Ecommerce sites using the Yopify plugin were leaking customers’ names, locations and purchases.

Developers behind FreeRADIUS, an open source implementation of the networking protocol RADIUS, are encouraging users to update to address an authentication bypass found in the server.