The FDA sent Abbott Laboratories a warning letter citing that it had inadequately addressed the security of the maligned Merlin@home Transmitter.

A popular version of the Magento ecommerce platform is vulnerable to a remote code execution bug, putting as many as 200,000 online retailers at risk.

Academics argue that Netflix’s recent upgrade to HTTPS is doing little to protect its users from a passive traffic analysis attack.

University researchers created a browser-based JavaScript that leverages a phone’s smart device sensor data to steal PINs.

Researchers have learned that the recently patched Office zero day was used to target victims in Russia with FINSPY spyware.

SAP has issued an updated patch for a code-injection vulnerability affecting the TREX search engine integrated into more than a dozen SAP products.

Microsoft Patch Tuesday fixes 45 vulnerabilities, one being an active zero-day bug used to spread the Dridex banking Trojan.

Adobe patched 59 vulnerabilities across five different products, including Flash Player, Acrobat/Reader, Photoshop, Adobe Campaign, and its Adobe Creative Cloud App on Tuesday.

A Microsoft Word zero-day vulnerability is being used to spread the Dridex banking Trojan in attacks that have bypassed mitigation efforts.

Notorious spammer Peter Levashov was arrested over the weekend; Levashov is the alleged botmaster behind the Kelihos botnet.