Google said a permissions flaw that puts Android users at heightened risk of malware, ransomware and adware attacks will not be fixed until the release of its next mobile OS, Android O.

Microsoft released an emergency update for a zero-day vulnerability disclosed by Google in the Microsoft Malware Protection Engine bundled with most versions of Windows.

Adobe fixed eight vulnerabilities, seven critical, in Flash Player and Adobe Experience Manager (AEM) Forms product as part of its regularly scheduled updates Tuesday morning.

Google said Tuesday that its OSS-Fuzz project has unearthed over 1,000 bugs, a quarter of them potential security vulnerabilities.

Google Project Zero researchers Tavis Ormandy and Natalie Silvanovich found a remotely exploitable Windows vulnerability that Ormandy called he worst in recent memory.

Hikvision recently patched a backdoor in a slew of its cameras that could have made it possible for a remote attacker to gain full admin access to affected devices.

Security firm Embedi releases further details on the Intel AMT flaw, revealing how it can be exploited and how potentially dangerous it can be.

Hackers behind the Carbanak criminal gang have devised a clever way to gain persistence on targeted systems to more effectively pull off financially motivated crimes.

The news of the week is discussed, including the Gmail/Google Docs phishing attack, the Intel AMT vulnerability, IBM’s malware-laden USB drives, and drone security.

Microsoft shuts down hackers who hijacked a software updater with fileless, or in-memory, malware attacks.