Joomla on Tuesday patched a critical LDAP injection vulnerability that had lingered in the content management system for eight years. Attackers could use this bug to steal admin login credentials.

Researchers combed through 2,000 Chrome error reports to better classify HTTPS error warnings.

Proof-of-concept malware called aIR-Jumper can be used to bypass air-gapped network protections and send data in and out of network.

A deep-learning network known as a GAN has been applied to passwords, and a tool called PassGAN significantly improves the ability to guess user passwords over tools such as Hashcat or John the Ripper.

Businesses that are cloud-focused tend to run the most secure software, while the healthcare sector is struggling the most when it comes to accomplishing the same goal, according to the BSIMM8 Report.

Apple released a number of patches, including a security update for iOS 11, which is available today.

Equifax suffered another breach of its systems, back in March, the company revealed Monday.

The risks surrounding the latest Apache bug, called Optionsbleed, are limited given it can only be attacked under certain conditions. Apache, and many Linux distributions, have patched the flaw.

An undocumented Microsoft Office feature allows for spying via specially crafted Word documents—no macros, exploits or any other active content needed.

A cryptocurrency miner surfaced on The Pirate Bay for a day over the weekend.