Senators worry that new D.C. Metro railcars could carry cyber risk
The lawmakers exhorted the subway system's leadership to “take the necessary steps to mitigate growing cyber risks" to new railcars that could be produced by a Chinese company.
Former WPML employee hacks plugin website to spam customers
The makers of the WPML plugin said they're taking legal action against the attacker.
Accused 'Methbot' ringleader pleads not guilty after extradition to U.S.
Aleksandr Zhukov is the lead defendant in the “Methbot” case, in which he is accused of renting more than 1,900 computer servers to simulate ad views.
Sneaky motion-detection feature found on Android malware
The logic seems to be that if a hacked phone was moving, the device probably wasn’t a research tool being used by a security company trying to detect malware, Trend Micro researchers said.
New code-validation project tries to spot the next industrial supply chain attack
A new DHS-funded project traces the provenance of software code.
Nearly 773 million email addresses leaked, spelling trouble for people who re-use passwords
Some 140 million email addresses and 10 million passwords are new to Hunt’s Have I Been Pwned website, the free service that tracks whether user credentials have been made available in data dumps.
Cryptojacking malware gets past cloud security programs by uninstalling them
Palo Alto Networks says this type of evasive technique is likely to keep popping up.
New 'Magecart' group used ad plugin to steal payment data from hundreds of websites
The attack bears similarity to Magecart activity, but researchers say a new Magecart group is behind it.
System restore: How stressed security bosses unwind from the daily grind
Cybersecurity professionals are saddled with stress. Here's how some decompress after playing defense against hackers on the daily.
Epic Games login tokens were susceptible to theft, research shows
Researchers say it was possible to hijack old Epic Games domains and use them break into other users' accounts.