Don't-Miss Security Stories
Some iOS users found a malicious library of unknown origin on their jailbroken devices
For almost an entire year beginning in March 2013, malicious attackers may have been harvesting customer information including credit card data, LaCie says.
News of the Heartbleed bug has brought the Web to its knees, and Bloomberg says the NSA has been exploiting it for at least two years.
A company spokesperson confirmed to Re/code that none of its web services use the OpenSSL software which is at the center of the security uproar.
As the list of major sites hit by Heartbleed grows, LastPass is helping its users figure out which accounts need password changes.
Adobe Systems addressed two remote code execution flaws, including one demonstrated at the Pwn2Own hacking competition last month.
Administrators are advised to patch and revoke old private keys
An iOS 7 bug could interfere with Activation Lock, iAds are now open to all and sundry, and Apple announces its next quarterly conference call.
Apple has not removed the fake app so far despite being notified in December, Tor developers say
The attackers sought credentials and other personal information through a phishing scheme, researchers said
A fake login page looks legitimate since it is served up by Google over SSL, Symantec said
"It's the makers, thinks, and the development community" that can help protect your data from a surveillance dragnet, the NSA whistleblower said via video at a South by Southwest panel
Digital comic service says usernames, e-mails and passwords were stolen.