Researchers discovered an active Twitter botnet made up of 38,000 bots, generating 8.5 million tweets and netting over 30 million clicks from its victims.

Leading certificate authority Let’s Encrypt is facing criticism that its rapid growth and eagerness to encrypt internet communications is happening at a cost.

Mike Mimoso and Chris Brook discuss the news of the week, including the Verizon breach, the Oracle session hijacking attack, a Telegram-based hacking tool, and a free EternalBlue scanner.

Google has a new machine-learning algorithm it uses to compare new apps to known secure apps, improving the way it classifies submissions to Google Play.

An analysis of Amazon Web Services storage containers reveals troubling trend of misconfigured S3 buckets that leak data.

Botnets distributing FlokiBot point-of-sale malware are back in business spewing a new malware dubbed LockPoS.

Avanti Markets notified customers of a possible breach of personal and payment card data as well as biometric user information that likely occurred July 4.

The EFF’s annual Who Has Your Back report singles out giant telecommunications providers for their prioritization of government requests for data over privacy.

Google has put websites signed with WoSign/StartCom SSL certificates on notice that it will no longer trust certs from the Chinese CA starting in Chrome 61.

An international group of investigators were infected by Pegasus spyware while in Mexico, Citizen Lab reports.