Mitigating Spectre and Meltdown flaws won’t be easy, but experts say exploits targeting Spectre will be hard to patch against.

Google removed 22 malicious adware apps ranging from flashlights, call recorders to wifi signal boosters that together were downloaded up to 7.5 million times from the Google Play marketplace.

Intel, Amazon, ARM, Microsoft and others have shared patch updates to keep customers informed on their mitigation efforts to protect against the far reaching Spectre and Meltdown vulnerabilities impacting computers, servers and mobile devices worldwide. 

Google moved quickly to kick three fake bitcoin wallet apps from its Google Play marketplace after researchers discovered them earlier this month.

Android receives three remote code execution patches for vulnerabilities rated critical as Google launches a new Pixel/Nexus Security Bulletin.

The FBI can keep details around how much it paid and which company it hired to unlock a terrorist’s iPhone 5C in 2016 secret, the court ruled over the weekend.

The macOS Keychain attack, Signal’s new private contact discovery service, the Deloitte hack, and a handful of mobile stock trading app vulnerabilities are discussed.

Signal is testing out a new private contact discovery service that will let the app determine if a user has Signal contacts in their address book, but forbid its servers from accessing the users’ address book.

Google’s Project Zero released a proof-of-concept attack against a Wi-Fi firmware vulnerability in Broadcom chips that backdoors the iPhone 7. The flaw was patched in iOS 11.

Researchers settle PIN versus pattern debate with study that proves a low-tech hack makes cracking an unlock screen simple.