Researchers found a new iOS vulnerability called “trustjacking,” which exploits a feature called iTunes Wi-Fi Sync to give attackers persistent control over victims’ devices.

Threatpost’s Tom Spring and Lindsey O’Donnell talk about the top security trends that they are watching out for at the 2018 RSA Conference this week in San Francisco.

Microsoft is looking to target new speculative execution side channel vulnerabilities – similar to Spectre and Meltdown – with a new bug bounty program.

A remote code execution security flaw has been patched in one of the latest versions of Adobe Acrobat Reader DC.

Intel will pay up to $250,000 to researchers who identify bugs more severe than 9.0 on the CVSS scale.

The vulnerability has a CVSS base score of 10.0, the highest possible, and now affects 15 products.

Data collected from the freely available scanner called EternalBlues shows that tens of thousands of computers remain vulnerable to the SMBv1 vulnerability that spawned WannaCry and ExPetr.

SquirrelMail suffers from a remote code execution vulnerability that could let attackers execute arbitrary commands on the target and compromise the remote system.

A researcher claims a backdoor exists in several DVRs and IP-enabled cameras manufactured by Dahua.

A researcher claims a backdoor exists in several DVRs and IP-enabled cameras manufactured by Dahua.