A zero-day vulnerability exists in WordPress Core that, in some instances, could allow an attacker to reset a user’s password and, in turn, gain access to their account.
Many Commercial Drones ‘Insecure by Design’
Drones, many readily available on e-commerce shops like Amazon, are plagued by vulnerabilities that could let attackers gain full root access to the device, read or delete files, or crash the device.
Researcher: ‘Baseless Assumptions’ Exist About Intel AMT Vulnerability
Embedi, which is behind the Intel AMT vulnerability revealed Monday, seeks to clarify “baseless assumptions” being made about the flaw.
Intel Patches Nine-Year-Old Critical CPU Vulnerability
Intel warns business PC customers of a critical vulnerability found in its Active Management Technology that allows for escalation of privilege attacks.
Fuze Patches Bug That Exposed Recordings of Private Business Meetings
Fuze addressed two issues that publicly exposed recordings of private business meetings made over the collaboration platform.
Google Patches Six Critical Mediaserver Bugs in Android
Google pushed out its monthly Android patches Monday, addressing 17 critical vulnerabilities, six of which are tied to the Android Mediaserver component and four of which address problems with Qualcomm chipsets.
DDoS Attacks Can Cost Businesses Up to $2.5M Per Attack, Report Says
Neustar’s annual DDoS attack report says businesses can lose $2.5M on average detecting and mitigating DDoS attacks.
Flickr Vulnerability Worth $7K Bounty to Researcher
Yahoo has patched an account takeover vulnerability on its Flickr image-hosting service that earned an independent security researcher a $7,000 bounty.
Threatpost News Wrap, April 28, 2017
Mike Mimoso and Chris Brook recap this year’s SOURCE Boston Conference and discuss the week in news, including the long-term implications of the NSA’s DoublePulsar exploit and the HipChat breach.
Attack Method Highlights Weaknesses in Microsoft CFG
As Microsoft hardens its defenses with tools such as Control Flow Guard, researchers at Endgame are preparing for Counterfeit Object-Oriented Programming attacks to move from theoretical to real.