If criminals were to target unsecured wireless routers, they could create an attack that could piggyback across thousands of Wi-Fi networks in urban areas like Chicago or New York City, according to researchers at Indiana University.

Researchers at Google and the Georgia Institute of Technology are studying a virtually undetectable form of attack that quietly controls where victims go on the Internet.

Security experts are saying that a reported al-Qaeda cyber jihad attack planned against Western institutions should be treated with skepticism.

The latest version of Oracle Corp.'s flagship database offers better security than earlier versions, but development errors have left vulnerabilities that attackers can use to steal data, an expert warned Monday.

A team of security experts in Baltimore, Md., said it has found a flaw in Apple Inc.'s iPhone handset that can be used by attackers to access private data stored on it.

Web sites running Microsoft Corp.'s Web server software are twice as likely to be hosting malicious code as other Web sites, according to research from Google Inc.

Israel unfortunately is home to the most malicious Internet activity per Internet user, said Symantec's twice-yearly Internet Security Threat Report issued on Monday. The report covered the second half of 2006.

China has taken over as the world's most botnet-infested country, as the sophistication and danger of cyberattackers continues to grow, according to Symantec.

A new version of the Storm e-mail virus is populating blogs and online bulletin boards with links directing people to a Web site that is propagating the worm, representing a new mode of attack for hackers seeking financial gain, according to a security vendor that became aware of the virus Monday night.

Google Inc. has closed a potentially major cross-site scripting vulnerability in its Google Desktop software that could have allowed remote attackers to take control of a victim's computer and its contents.

Mozilla Corp. will delay the next security update for Firefox so it can test a fix for a flaw that could be used by attackers by skirt security restrictions.

With its February security patches now two weeks away, Microsoft Corp. is warning of another critical flaw in its Office software.

Hackers have released attack code that exploits a critical vulnerability in Microsoft Corp.'s Word software -- the third such bug to be disclosed in the past week.

Since it was sunk 65 years ago today at Pearl Harbor in a surprise attack by the Japanese during World War II, the heavily damaged USS Arizona battleship has been slowly leaking fuel oil from its massive collection of now-submerged oil tanks into the harbor.

There's now one more reason to be careful about opening Microsoft Office attachments.

A flaw in Mozilla Corp.'s Firefox browser makes it easy for cybercriminals to steal user information on Web sites where users create their own pages, such as MySpace.com.

Microsoft Corp. is investigating reports of a vulnerability in a Windows ActiveX control that could allow an attacker to remotely take control of a computer, according to an advisory issued Friday. One security company rated the vulnerability critical, while Microsoft said it allowed only limited attacks.

Microsoft Corp. has issued nine security updates addressing critical flaws in its Office and Windows products. The updates patch two worrisome PowerPoint flaws that could allow attackers to seize control of a PC, the company said Tuesday.

The Indian government has blocked about 20 Web sites and blogs in India, following suspicions by the country's intelligence agencies that the sites were likely being used by terrorists to communicate with each another.

Taking advantage of the low cost of VOIP (Voice over Internet Protocol) technology, thieves have now begun luring victims to fake automated call centers via a new kind of phishing attack.