Atlassian reset user passwords for its group chat service HipChat on Monday following an incident that may have resulted in unauthorized access to a server used by the service.

SquirrelMail suffers from a remote code execution vulnerability that could let attackers execute arbitrary commands on the target and compromise the remote system.

Scans show tens of thousands of Windows servers infected with the DoublePulsar kernel exploit leaked by the ShadowBrokers two weeks ago.

A white hat hacker is believed responsible for the Hajime IoT botnet because its main objective appears to be to secure IoT devices vulnerable to the notorious Mirai malware.

Last Friday’s ShadowBrokers dump, Microsoft ditching passwords, and a new car dongle hack are all discussed.

Microsoft fixed a bug in Skype last month that could have allowed an attacker to execute code on the system it was running on, phish Skype credentials and crash the application.

Drupal released a point update for its core engine to patch a critical access bypass vulnerability.

Endpoints are still encountering exploits for the LNK vulnerability, one of the principal infection mechanisms used by the Stuxnet worm.

Researchers say more than 100,000 Linksys routers in use today could be vulnerable to 10 flaws found in 20 separate router models made by the company.

Google fixed a vulnerability that could’ve let an attacker carry out phishing attacks with Unicode domains in Chrome but Mozilla is holding off – for now.