Researchers from the University College London have found a Twitter botnet of 350,000 bots that has been dormant since shortly after the accounts were registered.

Insecure Hadoop and CouchDB installations are the latest attack targets of cybercriminals who are hijacking and deleting stolen data.

Encrypted email service ProtonMail announced early Thursday that it had added its own Tor hidden service.

Docker has patched a privilege escalation vulnerability that could lead to container escapes, allowing a hacker to affect operations of a host from inside a container.

Things are about to get a lot safer on the internet with SHA-2, but there is plenty of work still to be done when it comes to SHA-1 deprecation.

The news of the week is discussed, including the ShadowBrokers’ farewell, GoDaddy’s buggy domain validation issue, MongoDB ransoms, and the latest with St. Jude Medical.

A new WordPress update, pushed this week, resolves eight security issues, including a handful of XSS and CSRF bugs.

A bug in GoDaddy’s domain validation process forced the registrar to revoke SSL certificates and reissue certs for more than 6,000 customers.

Microsoft patched two vulnerabilities rated critical that tied to Office 2016, its Edge browser and its Local Security Authority Subsystem Service (LSASS).

Microsoft patched vulnerabilities that were tied to a variety of its products including Office 2016, its Edge browser and its Local Security Authority Subsystem Service (LSASS).