Starting with Chrome 62, Google will start marking any HTTP page where users may enter data, and any HTTP page visited in incognito mode

The latest version of Firefox expands non-secure HTTP warnings, enables SHA-1 deprecation by default, and removes support for NPAPI.

This week HTTPS hit a huge milestone. According to a two-week survey of telemetry data from the Mozilla Firefox browser, 50 percent of page loads used HTTPS.

Facebook dismisses a researcher who says multimedia content sent via Facebook Messenger can be intercepted by a third party under certain conditions.

A popular mobile application that provides financial market research material operates without a measure of encryption, putting user information, including credentials and strategic financial interests at risk. The Seeking Alpha mobile app for Android and iOS also leaks everything from HTTP cookies to stock positions the user may be interested in. The app is not...

Certificate authority Let’s Encrypt is celebrating a major milestone in the young nonprofit’s existence issuing its 5 millionth certificate this month. Let’s Encrypt launched to the general public just seven months ago. “Our goal is to get the entire web 100 percent HTTPS,” said Josh Aas, executive director for the Internet Security Research Group, the...

All custom domains hosted on WordPress.com will soon have their sites automatically encrypted for free. WordPress said late Friday afternoon that more than one million sites will have encryption automatically deployed. “We are closing the door to unencrypted web traffic at every opportunity,” wrote Barry Abrahamson, chief systems wrangler at Automattic, WordPress’ parent company. WordPress...