The FDA sent Abbott Laboratories a warning letter citing that it had inadequately addressed the security of the maligned Merlin@home Transmitter.

SAP has issued an updated patch for a code-injection vulnerability affecting the TREX search engine integrated into more than a dozen SAP products.

Academics argue that Netflix’s recent upgrade to HTTPS is doing little to protect its users from a passive traffic analysis attack.

Researchers spent six months poking holes in Signal and urge a bigger spotlight on security testing.

A Microsoft Word zero-day vulnerability is being used to spread the Dridex banking Trojan in attacks that have bypassed mitigation efforts.

Adobe patched 59 vulnerabilities across five different products, including Flash Player, Acrobat/Reader, Photoshop, Adobe Campaign, and its Adobe Creative Cloud App on Tuesday.

Microsoft Patch Tuesday fixes 45 vulnerabilities, one being an active zero-day bug used to spread the Dridex banking Trojan.

Riverbed Technology, whose products are used by most of the Global 500, patched vulnerabilities in its SteelCentral Portal used for critical application performance monitoring.

A researcher poked holes in seven different IoT devices at last week’s Security Analyst Summit, including a host of travel routers, NAS devices, and an IP-enabled camera.

The ShadowBrokers’ latest dump of Equation Group hacks focuses on UNIX systems and GSM networks, and was accompanied by an open letter to President Trump.