Attackers are exploiting a weakness in Apple's digital rights management technology to install malicious apps on non-jailbroken iOS devices.
The KeRanger file-encrypting ransomware program for Mac OS X is based on Linux.Encoder and contains crypto flaws that could allow users to recover their files without paying cybercriminals.
Adi Shamir, co-creator of the widely used RSA cryptographic algorithm, believes that Apple should have assisted the FBI in decrypting the iPhone of one of the San Bernardino shooters and choose to resist in a future situation.
A Chinese iOS application recently found on Apple's official store contained hidden functionality that allowed users to install pirated apps on non-jailbroken devices, a technique that could also be leveraged by malware in the future.
Attackers can easily disable SimpliSafe home security systems from up to 30 meters away by using a device that costs around $250 to create, researchers from security firm IOActive found.
An increasing number of iOS application developers use a technique that allows them to remotely modify the code in their apps without going through the official app store's review process, an action that poses security risks for users.
Next year, the Java browser plug-in, which is frequently the target of Web-based exploits, will be retired by Oracle.
VirusTotal, the most widely used online file scanning service, is now executing suspicious Mac apps submitted by users inside a sandbox to generate information that could improve the analysis and detection of Mac malware.
The hardware-based encryption built into popular Western Digital external hard disk drives has flaws that could allow attackers to recover data without knowing the user password.
Adobe released a patch for a critical vulnerability in Flash Player in response to high-profile cyberespionage attacks against governmental targets.
Security researchers have identified over 4,000 iOS apps that have malicious code added by a rogue version of the Xcode development tool.
Zerodium, an exploit acquisition company, promises to pay $1 million to researchers who provide it with an exclusive, browser-based and untethered jailbreak for the latest Apple iOS 9 operating system.
A vulnerability in the iOS sandbox for third party applications, like those installed by companies on their employees' devices, can expose sensitive configuration settings and credentials.
The vulnerability allows attackers to generate rogue certificates that pass OpenSSL's validation
The vulnerability has been exploited by a China-based cyberespionage group for several weeks, security firm FireEye says.