A botnet has exploited a highly critical Drupal CMS vulnerability, which was previously disclosed by Drupal in March.

Andy Ellis, CSO Akamai, discusses how the company works with others within the cybersecurity landscape to help keep the internet safe.

Threatpost’s Tom Spring talked to Roman Unuchek, senior malware analyst at Kaspersky Lab, about his discoveries this week at the RSA Conference.

Can bug bounty programs be designed to protect consumer privacy and how do programs balance white hat disclosure versus companies sitting on vulnerabilities until they are fixed?

Despite numerous talks about IoT vulnerabilities at RSAC this week, a clear resolution on a fixes is nowhere in sight.

Researchers show why keeping a handle on user credentials is just as hard in the cloud as it is on local networks.

Private intelligence gathering firm LocalBlox leaked data on 48 million users that was scraped from Facebook, LinkedIn, Zillow and other sites.

Researchers are warning malware payloads can bypass traditional AV protection when delivered buried inside images, documents or even just a pixel.

Researchers found a new iOS vulnerability called “trustjacking,” which exploits a feature called iTunes Wi-Fi Sync to give attackers persistent control over victims’ devices.

Researchers have identified a hacking group behind several widescale maritime shipping industry business email compromise (BEC) attacks since June.