A bug in Comcast’s activation website for its Xfinity routers leaked sensitive customer data.

Clouldflare launches DNS-over-HTTPS service called 1.1.1.1 that it says will be a “privacy-first” DNS service for consumers.

Mozilla is testing a method of securing DNS traffic via HTTPS, but is faced with some privacy resistance.

Hyundai Motor America patched its Blue Link mobile app after researchers found a cleartext encryption key that could be use to expose user and vehicle information.

The makers of the popular messaging app Confide said Wednesday it has patched multiple security vulnerabilities that could of allowed hackers to intercept messages sent using its secure end-to-end messaging platform.

St. Jude Medical added another Merlin@home Transmitter medical device to its list of equipment vulnerable to a man-in-the-middle attack.

Academics studying 283 Android VPN apps quantified a number of problems associated with native platform support for VPN clients through the BIND_VPN_SERVICE.

Attackers could exploit over-the-air updates in three million Android devices to remotely execute commands with root privileges via a man-in-the-middle (MiTM) attack.

Eight out of 10 Android devices are affected by a critical Linux vulnerability disclosed last week that allows attackers to identify hosts communicating over the Transmission Control Protocol (TCP) and either terminate connections or attack traffic. The flaw has been present in the TCP implementation in Linux systems since 2012 (version 3.6 of the kernel),...

Lenovo has waved the white flag on a vulnerable component of its pre-installed software updater and recommends that users uninstall it from more than 110 notebook and desktop models running Windows 10. The decision to have users yank the Lenovo Accelerator Application comes days after a Duo Labs study on bloatware vulnerabilities exposing machines from...