The Vice President of the Apache Struts PMC says the attackers likely used an unknown Struts zero day or an earlier announced vulnerability.

D-Link router model 850L has 10 vulnerabilities that could allow a hacker to gain remote access and control of device, according to researcher.

Android phones not running the latest Oreo OS are vulnerable to a high-severity “toast” overlay attack.

Victims of the massive Equifax breach may have to wait days to find out if they were impacted.

Equifax, one of the three largest credit agencies in the United States, disclosed Thursday afternoon it’s looking into a data breach that may have affected upwards to 143 million Americans.

A new variant of the banking trojan Dridex is part of a sophisticated phishing attack targeting users of the cloud-based accounting firm Xero.

Microsoft is opting to stand pat and not fix a content security bypass vulnerability in its Edge browser, something researchers warn could potentially lead to the disclosure of confidential information.

Researchers say a 18-year-old programming error by Microsoft is creating a kernel bug that can be abused by an attacker.

Tor Project developers recently bolstered Orfox, a Tor Browser for Android devices, to help privacy-conscious mobile browsers better customize their security.

An IDN homograph attack leveraging Adobe’s brand has been discovered, with the malicious site spreading the Betabot backdoor