Tag: Vulnerability Disclosure
HackerOne’s 2018 Hacker-Powered Security Report showed that the average award for critical vulnerabilities has increased.
Microsoft released 18 security bulletins, eight rated critical. The company also patched publicly disclosed vulnerabilities that surfaced since last month’s postponement of Patch Tuesday.
Advocates argue that making the Vulnerabilities Equities Process law would bring more reliability, transparency and accountability to the process of government vulnerability disclosure.
Results of an NTIA survey published today show that researchers prefer open communication with vendors over financial compensation when it comes to vulnerability disclosure.
In the wake of the Pentagon and Army bug bounties, the government continues to engage researchers with the publication of the DoD’s vulnerability disclosure program.
The security community often thrives on controversy, but when it comes to vulnerability disclosures in life-saving medical devices, ego and attention-grabbing must be put aside.
Google today disclosed the existence of a Windows zero-day vulnerability under attack. The flaw was reported to Microsoft 10 days ago; Microsoft says the disclosure puts users at risk.
Security and policy experts make another call for additional transparency around the government’s Vulnerabilities Equities Process and the zero days it has in its possession.
Apple isn’t the only one offering up a $200,000 reward for severe vulnerabilities on mobile devices. Google followed suit yesterday with the announcement of the Project Zero Prize, and like the Apple Security Bounty, the top payout is $200,000. Announced by Google’s Project Zero research team, the contest began yesterday and is scheduled to run...
St. Jude Medical yesterday filed a lawsuit alleging that investment research firm Muddy Waters and healthcare security research company MedSec made false claims in a report focused on the security of St. Jude products. The report released Aug. 25 warned of potentially catastrophic cybersecurity vulnerabilities in St. Jude pacemakers, defibrillators and other medical devices....