U.S. representatives are asking Yahoo for clarity around a surveillance program mentioned in reports earlier this month.

Sierra Wireless warns that its AirLink gateways are being infected by the Mirai malware, and urges customers to change default passwords on devices.

Cheetah Mobile reports the origins of mobile Trojans are still coming from Ghost Push, which can root devices, show ads and install unwanted apps.

Mike Mimoso and Chris Brook discuss the news of the week, including the nuclear power plant ‘disruption,’ the StrongPity APT group, and the proliferation of IoT botnets.

A researcher has found a backdoor, which he calls Pork Explosion, in an Android bootloader built by Foxconn.

A popular Android app called Nine leaks Microsoft Exchange user credentials when users are tricked into connecting to rogue wireless access points.

Bug hunters earned $30,000 in rewards for reporting 21 security flaws that were fixed in Chrome 54.

Google updated its Transparency Report, reporting a record number of government requests for data, and that it received at least one National Security Letter during the second half of 2015.

Facebook announced this week that its paid out more than $5 million to 900 researchers in the five years since it implemented its bug bounty program.

A vulnerability in Cisco’s meeting server software allows a remote attacker to masquerade as legit user.