Hostinger said that unauthorized access to an internal API server exposed hashed passwords of 14 million customers. Go to Source

Researchers warn users of several plugins to update as vulnerabilities are being actively exploited to redirect website visitor traffic. Go to Source

From a backdoor placed in the Webmin utility to vulnerability disclosure drama around zero-days in Valve’s Steam gaming clients, Threatpost breaks down this week’s top stories. Go to Source

Security researchers at Pen Test Partners have found a privilege escalation flaw in the much-maligned Lenovo Solution Center software. Go to Source

Google introduced a new initiative that it hopes will fight shady online advertising practices such as digital fingerprinting. Go to Source

Willie Sutton and mobile attackers have much in common — but defenses have evolved since the famous bank robber had his heyday. Go to Source

The app purported to stream music – but actually siphoned victims’ device contacts and files. Go to Source

After Valve banned him from its bug bounty program, a researcher has found a second zero-day vulnerability affecting the Steam gaming client. Go to Source

Security researchers worry that this weekend’s coordinated attacks on more than 20 Texas governments mark a change in how ransomware attacks will be launched in the future. Go to Source

Six bugs found in Cisco’s Unified Computing System gear and its 220 Series Smart switches can allow unauthenticated remote hackers to take over equipment. Go to Source