Not only is the jaw-dropping flaw in the Apache Log4j logging library ubiquitous; Apache’s blanket of a quickly baked patch for Log4Shell also has holes. [...]

The focused attacks aimed at cyberespionage and lateral movement appear to hint at further ambitions by the group, including supply-chain threats. [...]

The threat group, first identified in June, focuses solely on data exfiltration and subsequent extortion, and has already targeted 40 victims since September. [...]

The powerful devices leveraged by the Meris botnet have weaknesses that make them easy to exploit, yet complex for organizations to track and secure, researchers said. [...]

The botnet, which resurfaced last month on the back of TrickBot, can now directly install Cobalt Strike on infected devices, giving threat actors direct access to targets. [...]

One year after the disruptive supply-chain attacks, researchers have observed two new clusters of activity from the Russia-based actors that signal a significant threat may be brewing. [...]

Attackers that previously targeted the cloud platform provider have shifted their focus to additional products in the company’s portfolio. [...]

AT&T is battling a modular malware called EwDoor on 5,700 VoIP servers, but it could have a larger wildcard certificate problem. [...]

Attackers use socially engineered SMS messages and malware to compromise tens of thousands of devices and drain user bank accounts. [...]

Links between the tactics and tools demonstrated in attacks suggest a former affiliate has switched loyalties, according to new research. [...]

Some security researchers say it’s actually Cobalt Strike and not a SmokeLoader variant, but BioBright says in-depth testing shows it’s for real a scary morphic malware that changes its parts and recompiles itself. [...]

Fake merchandise and crypto jacking are among the new ways cybercriminals will try to defraud people flocking online for Black Friday and Cyber Monday. [...]

Researcher discovered a “more powerful” variant of an elevation-of-privilege flaw for which Microsoft released a botched patch earlier this month. [...]

Opportunistic attackers instantly exploited insecurely exposed services deployed in honeypots by Unit 42 researchers, demonstrating the immediate danger of these typical mistakes. [...]

A hefty slice of data – that of 100K+ current and former employees – was spilled in an “external system breach,” the pizza chain said. [...]

Threat actors are targeting Middle-East-based employees of major corporations in a scam that uses a specific ‘ephemeral’ aspect of the project-management tool to link to SharePoint phishing pages. [...]

Threat actors used malicious emails to target more than 125 people with high-profile TikTok accounts in an attempt to steal info and lock them out. [...]

Researchers observed what looks like the Emotet botnet – the "world’s most dangerous malware" – reborn and distributed by the trojan it used to deliver. [...]

BotenaGo, written in Google’s Golang programming language, can exploit more than 30 different vulnerabilities. [...]

BotenaGo, written in Google’s Golang programming language, can exploit more than 30 different vulnerabilities. [...]

The One Font BEC campaign targets Microsoft 365 users and uses sophisticated obfuscation tactics to slip past security protections to harvest credentials. [...]

PhoneSpy already has stolen data and tracked the activity of targets in South Korea, disguising itself as legitimate lifestyle apps. [...]

Researchers discovered 14 vulnerabilities in the ‘Swiss Army Knife’ of the embedded OS used in many OT and IoT environments. They allow RCE, denial of service and data leaks. [...]

The U.S. State Department ups the ante in its hunt for the ransomware perpetrators by offering a sizeable cash sum for locating and arresting leaders of the cybercriminal group. [...]

The Magecart threat actor uses a browser script to evade detection by researchers and sandboxes so it targets only victims’ machines to steal credentials and personal info. [...]