Google announces big changes for Android security including new features, a rebranding of old services and an updated UI, all streamlined under a new service called Google Play Protect.

The Senate’s use of the end-to-end encrypted messaging app Signal is a good first step in protecting U.S. democratic institutions, but much more needs to be protected.

DocuSign warns of a breach and subsequent theft of email addresses that are part of a phishing campaign that employs malicious macro-laced Word documents.

Researchers at DefenseCode claim a vulnerability in Google’s Chrome browser allows hackers to steal credentials and launch SMB relay attacks.

WikiLeaks released details on what it claims are two frameworks for malware samples dubbed AfterMindnight and Assassin, both allegedly developed by the US Central Intelligence Agency.

The results of two audits of the open source software OpenVPN were shared late last week. One found two legitimate vulnerabilities, the other said the service is cryptographically “solid.”

The news of the week is discussed, including this week’s Microsoft Malware Protection Engine bug, Handbrake OS X malware, the HP keylogger, Trump’s Cybersecurity EO, and more.

Researchers take a deep dive analysis on a recently discovered database of more than 500 million username and password pairs.

President Trump signed the cybersecurity executive order that mandates federal agencies implement the NIST Framework for risk management.

Researchers say an audio driver that comes installed on some HP-manufactured computers can record users keystrokes and store them in a world-readable plaintext file.