The EFF’s annual Who Has Your Back report singles out giant telecommunications providers for their prioritization of government requests for data over privacy.

Adversaries are using the SMB communications channel to launch template injection attacks against the energy sector, including nuclear facilities.

Google has put websites signed with WoSign/StartCom SSL certificates on notice that it will no longer trust certs from the Chinese CA starting in Chrome 61.

An international group of investigators were infected by Pegasus spyware while in Mexico, Citizen Lab reports.

Victims of Sabre Corp’s SynXis reservation system breach reportedly include both the Hard Rock Hotel and Casino chain and the Loews Hotel chain.

Personal data of 3 million wrestling fans were left exposed on a database owned by World Wide Entertainment.

The key to decrypt the original Petya ransomware has been reportedly released by the ransomware’s author.

Certificate authority Let’s Encrypt said this week it will begin offering wildcard certificates in 2018.

Over the course of two months last year the Copycat malware infected 14 million Android devices and rooted more than half of them, roughly eight million devices.

The July Android Security Bulletin patches 11 critical remote-code execution bugs including one dubbed ‘Broadpwn’ that impacts both Android and iOS devices.