Thanks to auto-play, it’s possible to crash Windows systems by simply inserting the drive into the USB port, no further user interaction necessary.

A slew of products from medical dispensing company BD are susceptible to the KRACK vulnerability disclosed last fall.

Researchers warn that the code behind this remote access trojan has been tweaked in an attempt to decrease antivirus detection.

Version 1.1 includes updates on authentication and identity, self-assessment, supply-chain security and vulnerability disclosure, among other changes.

Twitter is the latest company to face backlash for how it handles data privacy after disclosing that it sold data access to a Cambridge Analytica-linked researcher.

The gang behind the Atlanta city shutdown and other attacks is selecting victims carefully and offering volume discounts to unlock whole organizations.

Uber is tightening policies around its bug bounty program after a 2016 data breach exposed deep flaws in its policies around handling extortion.

It’s analyzing the server, operated by the North Korea-sponsored APT, which was used to control the global GhostSecret espionage campaign affecting 17 countries.

Microsoft has released new Spectre mitigations for Windows 10, which include Intel microcode fixes for CPUs running on Windows.

Taking a “dirty deeds done dirt cheap” approach, the kit generates an initial malware payload for social-engineering spam campaigns for just $40 per month.