Attackers have been carrying out WPSetup attacks, taking advantage of users who have installed WordPress but not yet configured it.

Google has a new machine-learning algorithm it uses to compare new apps to known secure apps, improving the way it classifies submissions to Google Play.

An analysis of Amazon Web Services storage containers reveals troubling trend of misconfigured S3 buckets that leak data.

Data belonging to 14 million Verizon customers was exposed by a partner, which misconfigured a repository storing the personal information it had access to.

Botnets distributing FlokiBot point-of-sale malware are back in business spewing a new malware dubbed LockPoS.

Uber patched an authentication bypass vulnerability in its homegrown SSO solution that allowed attackers to take over subdomains and steal session cookies.

SAP fixed 23 vulnerabilities across roughly a dozen products on Tuesday, including a series of high-risk flaws in SAP POS and SAP Host Agent.

Version 10g of Oracle Access Manager suffers from vulnerabilities that could allow an attacker to hijack sessions.

The Katyusha Scanner can find SQL injection bugs at scale, and is managed via the Telegram messenger on any smartphone.

Microsoft releases a total of 57 security patches, part of its July Patch Tuesday, with 20 rated critical.