A rogue Pokémon Go helper application with over 500,000 downloads on Google Play had Trojan code that downloaded root exploits to take over Android devices.
Adobe Systems has fixed over 30 vulnerabilities in its Flash Player and Digital Editions products, most of which could be exploited to remotely install malware on computers.
Microsoft released one of its biggest security updates this year, fixing 50 vulnerabilities in its products and 26 more in Flash Player which is bundled with its Edge browser.
Hackers found and disclosed 47 new vulnerabilities affecting 23 IoT devices from 21 manufacturers during during the IoT Village at DEF CON.
A publicly disclosed vulnerability in the MySQL database could allow attackers to completely compromise some servers
Thousands of publicly accessible FTP servers, including many Seagate network-attached storage devices, are being used by criminals to malware that mines cryptocurrency.
The Xen Project has fixed four vulnerabilities in its widely used virtualization software, two of which could allow malicious virtual machine administrators to take over host servers.
To push more websites to implement encryption and to better protect users, Google will start flagging plain HTTP connections as insecure in its popular Chrome browser.
A security researcher demonstrated that all it takes to steal an OS account's password hash from a Windows computer in a locked state, is to plug in a special USB device for a few seconds.
Google is now providing more information to website owners whose online properties are temporarily blocked as unsafe by its Safe Browsing technology in order to help them fix the identified problems faster.
Google released a large monthly batch of security patches for Android, fixing 55 vulnerabilities, eight of which are rated critical.
Security researchers have identified a new family of Linux rootkits that despite running from user mode, can be hard to detect and remove.
A bad malware signature caused Sophos antivirus products to detect a critical Windows file as malicious, preventing some users from accessing their computers.
Five years after a security breach forced the Linux Foundation to take kernel.org offline and to rebuild several of its servers, police have arrested a suspect in the case.
Microsoft has expanded its bug bounty programs to cover its open-source .NET Core and ASP.NET Core application development platforms.