The FDA has issued a cybersecurity advisory for two models of programmers used on cardiac devices like pacemakers and defibrillators.

The delicate process for disclosing software and hardware bugs in medical devices has made important strides in recent years as the threat of lawsuits against security researchers has receded.

Replace the device? Patch the software? Lawmakers want to know how to protect legacy medical equipment from cyberthreats.