The top 100 averaged a “C+” grade for information disclosure. SSL/TLS strength and application security are both lagging, with an overall “C” grade according to research by Black Kite.

In a statement, NPC confirmed the receipt of a breach notification report on November 15 from S&R Membership Shopping concerning a cyberattack “that may have compromised its members’ personal data.”

In an experiment by Palo Alto Network’s Unit 42, around 80% of the honeypots were compromised within 24 hours and the rest were compromised within a week, with SSH being the prime target.

Upon analyzing Emotet’s code, several researchers confirmed that the malware has been upgraded, along with expansion of its infrastructure, for an improved, secure, and robust operation.

The hospital learned that a night shift employee improperly accessed electronic medical patient records in violation of its policies, leading to unauthorized access to 13,000 patients’ data.

Hide My WP, a popular WordPress security plugin, contained a serious SQL injection (SQLi) vulnerability and a security flaw that enabled unauthenticated attackers to deactivate the software.

Ukrainian investigators are celebrating after claiming to have arrested members of a prolific mobile hacking gang named Phoenix which targeted victims via Apple and Samsung phishing sites.

A new Iranian threat actor has been found exploiting a patched critical flaw in the Microsoft Windows MSHTML platform to target Farsi-speaking victims with a new PowerShell-based information stealer.

The personally identifiable information of more than 62,000 U.S. citizens may have been compromised following a cyber-attack against a New Mexico-based healthcare insurer.

The GoDaddy breach affecting 1.2 million customers has widened – it turns out that various subsidiaries that resell GoDaddy Managed WordPress services were also affected.