Researchers are tracking a new wave of DDoS attacks that rival Mirai when it comes to intensity and scope.

A research paper describes vulnerabilities enabling distributed guessing attacks which allow an attacker to collect payment card data across a number of sites without triggering alerts.

A new Google program OSS-Fuzz is aimed at continuously fuzzing open source software and has already detected over 150 bugs.

Today’s Android Security Bulletin included a patch for the Dirty Cow vulnerability, a seven-year-old Linux bug that had yet to be patched by Google.

Chrome 55.0.2883.75 for Windows, Mac, and Linux was released Thursday and patched 36 vulnerabilities, including 12 high-severity flaws eligible for bounties.

Mozilla released a new version of Firefox on Wednesday to address a zero day vulnerability that was actively being exploited to de-anonymize Tor Browser users.

The Tor Project has provided a browser update that patches a zero-day vulnerability being exploited in the wild to de-anonymize Tor users.

Microsoft appears to have silently fixed a two-year-old bug in in Windows Kernel Object Manager that could have allowed for the bypass of privileges in Google’s Chrome browser.

Attackers are targeting DSL routers this week with what’s being called a potent new variant of the Mirai malware that knocked offline major Internet companies like Twitter and Spotify last month.

PayPal fixed an issue that could have allowed an attacker to hijack OAuth tokens associated with any PayPal OAuth application.