Spammers are turning to an old technique known as hailstorm to slip past anti-spam and anti-malware filters to deliver Dridex banking malware and Locky ransomware.

IOActive researchers disclosed vulnerabilities in Panasonic Avionics In-Flight Entertainment systems that could be abused to manipulate flight data shown to passengers, or steal their personal information.

Now that a proposed revision to the Wassenaar Arrangement has been rejected, it will be up to the Trump administration to decide whether to attempt to renegotiate again.

Google on Monday announced Project Wycheproof, a collection of unit tests designed to help check for weaknesses in cryptographic algorithms.

A hacker offered to sell an unpatched system vulnerability in the U.S. Election Assistance Commission website on the Dark Web for “thousands” of dollars.

Mike Mimoso and Chris Brook discuss the news of the week including Yahoo’s latest breach announcement, a DDoS-for-hire crackdown, hackers seeking help with Mirai, and some new Adobe patches.

The insecurity of WordPress plugins has been well documented, especially over the last year, but in the grand scheme of things, it’s not as bad as it seems, experts claim.

Nagios Core has been updated to take care of two critical vulnerabilities that can be pinned together to attack servers hosting the open source IT infrastructure monitoring software.

A remote code execution bug in Ubuntu Desktop was patched; the vulnerability affected all default installations of Quantal version 12.10 and later.

Open source and third-party software bugs haunt even the best developers’ projects, despite the industry’s best efforts to avoid them.