Bugs found by Trellix researchers could allow for malicious hackers to gain access to sensitive sites like data centers.

Cybersecurity veteran Amit Yoran says Microsoft has a culture of toxic obfuscation when it comes to addressing security threats.

The debate is over whether the provision is unrealistic or if it's a game changing move to cut down on software vulnerabilities.

CISA's director has 90 days to respond to the suggestions.

Data from the Google-based team seems to reflect an industry getting faster at fixing bugs and deploying patches.

DHS follows in the footsteps of bug bounty initiatives for federal agencies that began in 2016.

CISA wants agencies to tackle nearly 300 flaws in all, ranging from within two weeks to six months.

The disclosure expands the number of devices that could be at risk due to the "BadAlloc" flaw.

Security issues in the IoT industry run deep, and a single vulnerability often affects multiple vendors.

For the second time in a week, security researchers have warned that extortionists exploited the critical flaw.