The Pacific Northwest hospitality stalwart is also still operationally crippled by a Dec. 12 ransomware attack. [...]

A look back at what was hot with readers in this second year of the pandemic. [...]

The security vulnerability could expose passwords and access tokens, along with blueprints for internal infrastructure and finding software vulnerabilities. [...]

A critical privilege-escalation vulnerability could lead to backdoors for admin access nesting in web servers. [...]

There are 17,000npatched Log4j packages in the Maven Central ecosystem, leaving massive supply-chain risk on the table from Log4Shell exploits. [...]

A quarter-billion of those passwords were not seen in previous breaches that have been added to Have I Been Pwned. [...]

Joker malware was found lurking in the Color Message app, ready to fleece unsuspecting users with premium SMS charges. [...]

The discovery, which affects services running as localhost that aren't exposed to any network or the internet, vastly widens the scope of attack possibilities. [...]

"Owowa" stealthily lurks on IIS servers, waiting to harvest successful logins when an Outlook Web Access (OWA) authentication request is made. [...]

December's Patch Tuesday updates address six publicly known bugs and seven critical security vulnerabilities. [...]

An exclusive roundtable of security researchers discuss the specific implications of CVE-2021-44228 for smaller businesses, including what's vulnerable, what an attack looks like and to how to remediate. [...]

Kronos, the workforce-management provider, said a weeks-long outage of its cloud services is in the offing, just in time to hamstring end-of-year HR activities like bonuses and vacation tracking. [...]

The Python code repository was infiltrated by malware bent on data exfiltration from developer apps and more. [...]

Cyberattackers are targeting security vulnerabilities in four plugins plus Epsilon themes, to assign themselves administrative accounts. [...]

E-commerce's proverbial Who-ville is under siege, with a rise in bots bent on ruining gift cards and snapping up coveted gifts for outrageously priced resale. [...]

The lurking code-bombs lift Discord tokens from users of any applications that pulled the packages into their code bases. [...]

Unauthenticated, remote attackers can achieve root-level RCE on SMA 100-series appliances. [...]

The malware's unique blockchain-enabled backup C2 scheme makes it difficult to eliminate completely. [...]

The gang is using a variety of tools and malware to carry out attacks in volume on critical sectors, the FBI warned. [...]

The culprit is misconfigured Kafdrop interfaces, used for centralized management of the open-source platform. [...]

We want to know what your biggest cloud security concerns and challenges are, and how your company is dealing with them. Weigh in with our exclusive poll! [...]

Cyberattackers made off with addresses, insurance information, dates of birth, and most worryingly, clinical information, such as diagnosis, procedures, and/or prescription information. [...]

Cyberattackers had unfettered access to the technology giant's file server for four months. [...]

The North Korea-linked group is deploying the Chinotto spyware backdoor against dissidents, journalists and other politically relevant individuals in South Korea. [...]

A temporary fix has been issued for CVE-2021-24084, which can be exploited using the LPE exploitation approach for the HiveNightmare/SeriousSAM bug. [...]