Companies involved in technologies for keeping vaccines cold enough for safe storage and transportation are being targeted in a sophisticated spear-phishing campaign, IBM says.

A newly discovered module checks machines for flaws in the UEFI/BIOS firmware so malware can evade detection and persist on a device.

Researchers detail how a Android APK obfuscation service automates detection evasion for highly malicious apps.

Container manager vulnerability is one of several weaknesses and vulnerabilities recently disclosed for Docker.

Most of these issues can be remediated, but many users and administrators don't find out about them until it's too late.

Eight federal law enforcement agencies participated in the Money Mule Initiative, a global crackdown on money laundering.

Machine learning-based products can be tricked to classify malware as a legitimate file, new findings show.

CISOs and their staffs are up against too many systems, screens, and alerts, with too few solutions to effectively address pain points.

A new patched memory corruption vulnerability in Apple's AWDL protocol can be used to take over iOS devices that are in close proximity to an attacker.

Companies need to embrace automation and dependency tracking to keep software secure, GitHub says in its annual security report.