Security News

A security researcher claims that data belonging to doctors deployed in the United States Special Operations Command was left unsecured online.

Joint report “Grizzly Steppe” implicates Russian hacking group Fancy Bear in U.S. election-related hacking.

Critical remote code execution vulnerabilities in PHPMailer and SwiftMailer, libraries used to send emails via PHP, were patched this week.

Threatpost writers recap 2016's biggest news stories, including the proliferation of IoT botnets, ransomware, the FBI vs. Apple story, and more.

Ransomware, insecure connected devices, bug bounties and governments buying bugs: All four ceased to be novelties in 2016; they’re all new normals for cybersecurity.

A new Android Trojan, Switcher, uses victims' devices to infect WiFi routers and funnel users of the network to malicious sites.

A critical PHPMailer bug tied to the way websites handle email and feedback forms is leaving millions of websites hosted on popular web-publishing platforms such as WordPress, Drupal and Joomla...

A bug bounty hunter earned $5,000 for a Facebook hack that allowed him to bypass security protection and access any Facebook user's true email address.

Cisco is warning customers of a privilege escalation flaw in Cisco CloudCenter Orchestrator systems that could allow an attacker to gain root privileges on affected systems.

Apple extended the deadline of Dec. 31 for developers adopt App Transport Security standards for applications submitted to the App Store.