LastPass has reportedly fixed one of three bugs in the password manager discovered by Google research Tavis Ormandy in the last week.

A critical vulnerability in Moodle, an open source system deployed across hundreds of thousands of universities, could expose the server to compromise.

A severe vulnerability has been disclosed in libpurple, the library used in the development of a number of popular instant messaging clients, including Adium for the macOS platform.

Since January, a number of ransomware families are sharing a common infrastructure with different techniques allowing the malware to hide from detection systems.

Microsoft warns this year’s crop of tax scams use social engineering attacks based on fear to spread banking Trojans and collect personal info.

A researcher has published a method by which a local admin can hijack any other Windows sessions without the need for credentials.

Mozilla patched a zero day uncovered at Pwn2Own in Firefox in 22 hours on Friday.

Cisco said an unpatched critical vulnerability exposed by WikiLeaks’ Vault 7 release of CIA documents could give an attacker full control of the targeted switches and routers.

Mike Mimoso talks to Duo Security co-founder and CTO Jon Oberheide at RSA Conference about Google’s BeyondCorp security model, enforcing perimeter security, how endpoint security has evolved through the years, and the future of passwords.

Hackers pulled off a VM escape and took down Adobe Flash, Microsoft Windows and Edge, Apple Safari and macOS, and Mozilla Firefox at Pwn2Own 2017.