A stored XSS and arbitrary file-upload bug can be paired with an authorization bypass to wreak havoc. [...]

Cybercriminals exploited bugs in the world's largest digital-goods marketplace to create malicious artwork offered as a perk to unsuspecting users. [...]

The cyberattacks, linked to a Chinese-speaking APT, deliver the new MysterySnail RAT malware to Windows servers. [...]

An Iran-linked group is taking aim at makers of drones and satellites, Persian Gulf ports and maritime shipping companies, among others. [...]

The destroyer-class USS Kidd streamed hours of game play in a funny incident that has serious cybersecurity ramifications. [...]

The possible cyberattacks include disabling monitoring, location-tracking of children and malicious redirects of parent-console users. [...]

The rare UEFI bootkit drops a fully featured backdoor on PCs and gains the ultimate persistence by modifying the Windows Boot Manager. [...]

Three security vulnerabilities in Axis video products could open up the door to a bevy of different cyberattacks on businesses. [...]

The open-source project has rolled out a security fix for CVE-2021-41773, for which public cyberattack exploit code is circulating. [...]

An analysis of second-quarter malware trends shows that threats are becoming stealthier. [...]

A former medical records tech stole PII that was then used to fraudulently claim DoD and VA benefits, particularly targeting disabled veterans. [...]

The group uses millions of password combos at the rate of nearly 2,700 login attempts per minute with new techniques that push the ATO envelope. [...]

Researchers have demonstrated that someone could use a stolen, locked iPhone to pay for thousands of dollars of goods or services, no authentication needed. [...]

Apple's personal item-tracker devices can be used to deliver malware, slurp credentials, steal tokens and more thanks to XSS. [...]

The mobile malware has fleeced hundreds of millions of dollars from victims globally, using sophisticated techniques. [...]

A 'nearly impossible to analyze' version of the malware sports a bootkit and 'steal-everything' capabilities. [...]

Income level, education and being part of a disadvantaged population all contribute to cybercrime outcomes, a survey suggests. [...]

The mobile baddie grants itself access to almost everything, enabling spying, data-harvesting, stalking and fraud attacks, among others. [...]

Unauthenticated cyberattackers can also wreak havoc on networking device configurations. [...]

A custom "SparrowDoor" backdoor has allowed the attackers to collect data from targets around the globe. [...]

The issue lies in a parental-control function that's always enabled by default, even if users don't configure for child security. [...]

All a user needs to do is click on an email attachment, and boom – the code is silently executed without the victim knowing. It affects Big Sur and prior versions of macOS. [...]

"Time to find out who in your family secretly ran... [a] QAnon hellhole," said attackers who affiliated themselves with the hacktivist collective Anonymous, noting that Epik had laughable security. [...]

Organized crime ring thrived on violence, intimidation and $12 million in online fraud profits. [...]

With the help of malicious insiders, a fraudster was able to install malware and remotely divorce iPhones and other handsets from the carrier's U.S. network -- all the way from Pakistan. [...]