Avanti Markets notified customers of a possible breach of personal and payment card data as well as biometric user information that likely occurred July 4.

Google has put websites signed with WoSign/StartCom SSL certificates on notice that it will no longer trust certs from the Chinese CA starting in Chrome 61.

Personal data of 3 million wrestling fans were left exposed on a database owned by World Wide Entertainment.

Certificate authority Let’s Encrypt said this week it will begin offering wildcard certificates in 2018.

The July Android Security Bulletin patches 11 critical remote-code execution bugs including one dubbed ‘Broadpwn’ that impacts both Android and iOS devices.

Citizen Lab investigates the targeting of Chinese language news websites in a phishing attack that leveraged the NetWire remote access Trojan.

Researchers have found links between the BlackEnergy APT group and threat actors behind the ExPetr malware used in last month’s global attacks.

Developers of Classic Ether Wallet said an attacker managed to hijack the domain for the wallet via social engineering late Thursday evening.

A thorough review of the top 1 million websites reveals 93 percent fail Mozilla’s Observatory security review.

The glaring privacy issues tied to an online health and beauty retailer allows customers to log-in to their user accounts with just their email address – no password needed.