The CIA is planting web beacons inside Microsoft Word documents to track whistleblowers, journalists and informants, according to WikiLeaks.

Verizon’s Data Breach Investigations Report for 2017 shows big growth in the reported number of ransomware attacks and incidents involving cyberespionage.

Starting with Chrome 62, Google will start marking any HTTP page where users may enter data, and any HTTP page visited in incognito mode

As Microsoft hardens its defenses with tools such as Control Flow Guard, researchers at Endgame are preparing for the reality of Counterfeit Object-Oriented Programming attacks to move from theoretical to real.

The Hack the Air Force bug bounty program invites white hats from inside and outside the U.S. to hack its websites.

Atlassian reset user passwords for its group chat service HipChat on Monday following an incident that may have resulted in unauthorized access to a server used by the service.

Researchers say fileless in-memory malware attacks have become a major nuisance to businesses and have become even harder to detect and defend.

Mike Mimoso and Chris Brook discuss the news of the week, including last Friday’s ShadowBrokers dump – how Microsoft learned of the vulnerabilities, how they were patched by Oracle, along with Microsoft ditching passwords, and a new car dongle hack.

A white hat hacker is believed responsible for the Hajime IoT botnet because its main objective appears to be to secure IoT devices vulnerable to the notorious Mirai malware.

Google fixed a vulnerability that could’ve let an attacker carry out phishing attacks with Unicode domains in Chrome but Mozilla is holding off – for now.