Foxit Software says it will fix two vulnerabilities in its PDF reader products that could be triggered through its JavaScript API to execute code.

VoIP vendor Fuze earlier this year patched three vulnerabilities that exposed user account information and enabled unauthorized authentication.

Researchers at IOActive are sounding an early alarm on the security of industrial collaboration robots, or cobots. These machines work side-by-side with people and contain vulnerabilities that could put physical safety at risk.

Researchers who identified a real-time way to detect credential spearphishing attacks in enterprise settings won $100,000 from Facebook last week.

Personal and business data belonging to Boston area meeting and hotel booking provider Groupize was discovered in a publicly accessible Amazon Web Services S3 bucket, which has since been locked down.

Voter registration data belonging to the entirety of Chicago’s electoral roll—1.8 million records—was found a week ago in an Amazon Web Services bucket.

Despite yesterday’s leak of the Apple iOS Secure Enclave decryption key, experts are urging calm over claims of an immediate threat to user data.

Mike Mimoso and Tom Spring discuss this week’s security news, including a discussion on recent hijacking of popular Chrome extensions and Adobe’s decision to end-of-life Flash Player.

A hacker identified only as xerub published the decryption key unlocking the iOS Secure Enclave Processor.

Cisco patched two high-severity vulnerabilities in its Cisco Application Policy Infrastructure Controller (APIC) that could allow an attacker to elevate privileges on the host machine.