Yahoo is expected to confirm a data breach that exposed hundreds of millions of credentials dating back to 2012.

Document-based macro malware flies under the security radar by first detecting existing documents on PC.

SWIFT’s chief information security officer said Wednesday that the cooperative is still seeing cases in which its customers’ environments have been compromised.

Google released its smart messaging app called Allo, but a decision to log chats indefinitely has privacy advocates worried.

Zscater identified a keylogger on steroids that targets passwords, webcam and software licenses.

Researchers said they’ve seen an uptick in RIG Exploit Kit traffic and that attackers have begun using the kit to peddle CrypMIC ransomware.

A remote code execution in Firefox caused by the expiration of certificate pins was patched by Mozilla in Firefox 49 and Firefox ESR 45.4.

With the introduction of macOS Sierra 10.12, Apple has patched dozens of security vulnerabilities and also tackled a few Safari 10 bugs to boot.

A new ransomware strain called Mamba opts to encrypts hard drives rather than individual files and folders stored on the local disk.

Security and policy experts make another call for additional transparency around the government’s Vulnerabilities Equities Process and the zero days it has in its possession.