Customers of several brands that resell GoDaddy Managed WordPress have also been caught up in the big breach, in which millions of emails, passwords and more were stolen. [...]

Just weeks after a judge ruled that NSO Group did not have immunity in a suit brought by Facebook subsidiary WhatsApp, Apple is adding significant weight to the company's woes. [...]

The kingpin domain registrar has logged its fifth cyber-incident since 2018, after an attacker with a compromised password stole email addresses, SSH keys and database logins. [...]

CloudLinux's security platform for Linux-based websites and web servers contains a high-severity PHP deserialization bug. [...]

A politically motivated group is paralyzing Israeli entities with no financial goal – and no intention of handing over decryption keys. [...]

CVE-2021-0146, arising from a debugging functionality with excessive privileges, allows attackers to read encrypted files. [...]

Malicious groups disable features in Alibaba Cloud ECS instances for Monero cryptojacking, according to Trend Micro researchers. [...]

Researchers warn that CVE-2021-34484 can be exploited with a patch bypass for a bug originally addressed in August by Microsoft. [...]

The distributed computing vendor patched the flaw, affecting Citrix ADC and Gateway, along with another flaw impacting availability for SD-WAN appliances. [...]

The cyberattacker attempted to extort the company after socially engineering a customer service employee to gain access to email addresses and more. [...]

Researchers have uncovered a large, tangled web of infrastructure being used to enable a wide variety of cyberattacks. [...]

A savvy campaign impersonating the cybersecurity company skated past Microsoft email security. [...]

The bug (CVE-2021-43267) exists in a TIPC message type that allows Linux nodes to send cryptographic keys to each other. [...]

The banker, aka Metamorfo, is roaring back after Spanish police arrested more than a dozen gang members. [...]

The FBI is warning about a fresh extortion tactic: threatening to tank share prices for publicly held companies. [...]

Out of 92 security vulnerabilities, 66 are rated critical in severity, mostly allowing code execution. The most severe can lead to information disclosure. [...]

A researcher was able to crack 70 percent of the gathered hashes in an experiment in a residential neighborhood. [...]

The Nobelium group, linked to Russia's spy agency, is looking to use resellers as a path to infiltrate their valuable downstream customers - and it's working. [...]

The infamous Carbanak operator is looking to juice its ransomware game by recruiting IT staff to its fake Bastion Secure "pen-testing" company. [...]

The high-severity bug, tracked as CVE-2021-1529, is an OS command-injection flaw. [...]

A new email campaign from the threat group uses the attack-simulation framework in a likely leadup to ransomware deployment. [...]

The group is likely nation-state-backed and is mounting an ongoing spy campaign using custom malware and stealthy tactics. [...]

A major cyberattack resulted in data being stolen, too, but Sinclair's not sure which information is now in the hands of the crooks. [...]

The group – which also created BazarLoader and the Conti ransomware – has juiced its distribution tactics to threaten enterprises more than ever. [...]

The campaign, which uses the Apple Developer Program and Enterprise Signatures to get past Apple's app review process, remains active. [...]