A report from Binarly finds that a silently patched bug in a popular web server will likely live on in several major end-of-life products.

"Unsigned" firmware continues to haunt the hardware industry.

Lenovo servers had a conspicuous security problem, but specialists at hardware-security company Eclypsium found that the story was much bigger.

The company will pay $3.5 million to settle state cases over VisualDiscovery, and will institute a security and privacy audit to satisfy the FTC, but denies wrongdoing.

Manufacturers of the millions of business PCs, laptops and servers using Intel chips with a newly discovered vulnerability are scrambling to roll out patches.