New research indicates that over 80,000 Hikvision surveillance cameras in the world today are vulnerable to an 11 month-old command injection flaw.

Instances of phishing attacks leveraging the Microsoft brand increased 266 percent in Q1 compared to the year prior.

Infosec expert Rani Osnat lays out security challenges and offers hope for organizations migrating their IT stack to the private and public cloud environments.

Bad actor obtained passwords for servers, home routers, and smart devices by scanning internet for devices open to the Telnet port.

The WordPress WP HTML Mail plugin for personalized emails is vulnerable to code injection and phishing due to XSS.

A proof-of-concept attack has been pioneered that “fully and practically” breaks the Secure Hash Algorithm 1 (SHA-1) code-signing encryption, used by legacy computers to sign the certificates ...

The BLURtooth flaw allows attackers within wireless range to bypass authentication keys and snoop on devices utilizing implementations of Bluetooth 4.0 through 5.0.

After a recent dip, ransomware attacks are back on the rise. According to data released by NCC Group, the resurgence is being led by old ransomware-as-a-service (RaaS) groups.

A radio control system for drones is vulnerable to remote takeover, thanks to a weakness in the mechanism that binds transmitter and receiver.

Fake travel reservations are exacting more pain from the travel weary, already dealing with the misery of canceled flights and overbooked hotels.

The threat actors stole data and used Clop's leaks site to demand money in an extortion scheme, though no ransomware was deployed.

Threat actors are finding their way around Microsoft’s default blocking of macros in its Office suite, using alternative files to host malicious payloads now that a primary channel for threat ...