Drupal fixed a handful of issues in version 7 and 8 of the content management system core engine that could have led to cache poisoning, social engineering attacks, and a denial of service condition.

Qualcomm and HackerOne are partnering for a bug bounty program that pays out up to $15,000 for vulnerabilities found in chipsets used in smartphones made by Samsung, LG and HTC.

A vulnerability in iOS 8, 9, 10, and even the most recent beta version, 10.2 beta 3, could allow an attacker to access photos and contacts on a locked iPhone.

The security community often thrives on controversy, but when it comes to vulnerability disclosures in life-saving medical devices, ego and attention-grabbing must be put aside.

IBM introduced on Wednesday a new Cyber Range attack simulator during the opening of its global security headquarters in Cambridge, Mass.

Mozilla addressed 29 vulnerabilities, three critical, when it released the latest iteration of its flagship browser, Firefox 50 on Tuesday.

The Carbanak cybercrime gang has shifted strategy and targets the hospitality and restaurant industries with new techniques and malware.

A vulnerability in cryptsetup, a utility used to set up encrypted filesystems on Linux distributions, could allow an attacker to retrieve a root rescue shell on some systems.

VMware patched a vulnerability in Workstation and Fusion that could allow an attacker to run code on a host machine.

The FriendFinder Network has reportedly been hacked exposing 400 million user accounts of Adult FriendFinder, Penthouse.com and Stripshow.com.