Drupal released a point update for its core engine to patch a critical access bypass vulnerability.

Microsoft announced this week its giving users a new way to sign into their accounts without long and complicated passwords.

At F8 today, Facebook released SDKs and documentation for the integration of Delegated Account Recovery into Java, NodeJS and Ruby applications.

Here are the exploit kits to watch for over the next three to six months.

A popular version of the Magento ecommerce platform is vulnerable to a remote code execution bug, putting as many as 200,000 online retailers at risk.

University researchers created a browser-based JavaScript that leverages a phone’s smart device sensor data to steal PINs.

Microsoft Patch Tuesday fixes 45 vulnerabilities, one being an active zero-day bug used to spread the Dridex banking Trojan.

Adobe patched 59 vulnerabilities across five different products, including Flash Player, Acrobat/Reader, Photoshop, Adobe Campaign, and its Adobe Creative Cloud App on Tuesday.

A Microsoft Word zero-day vulnerability is being used to spread the Dridex banking Trojan in attacks that have bypassed mitigation efforts.

Security information and event management solutions are supposed to boost security, but researchers say the network analysis tools are ripe attack targets.