The Sandworm group -- behind disinformation and election-hacking campaigns and responsible for a 2016 power outage in the Ukraine -- is now targeting e-mail servers.

Mobile providers don't often update users when applications are not supported by developers, security firm says.

Once considered a loader for other malware, Valak regularly conducts reconnaissance and steals information and credentials, new analysis shows.

Even with more security issues published on Patch Tuesdays, the total number of software flaws dropped for the first three months of 2020, according to one tally.

A variety of sites saw as much as seven times the number of domain requests in late March and early April, suggesting attackers attempted massive denial-of-service attacks.

Modern web applications make significant use of third-party code to drive innovation, but the software supply chain has also turned into a major source of threat. CDNs aim to change that.

Phishing ratings, security ratings, human-ness ratings -- we are looking at a future filled with grades of security and trustworthiness. But there is a downside.

The long debate over whether encryption and anonymity shield too much criminal behavior also has staged a resurgence.

As COVID-19-themed spam rises, phishing-not so much. An analysis of newly registered domains finds that only 2.4% are actually phishing sites aiming to steal credentials.

PHP and JavaScript developers need to pay close attention because different languages and frameworks have different rates of vulnerability, research finds.