A spyware effort bent on stealing cookies and logins is being driven by unsophisticated attackers cashing in on the initial-access-broker boom. [...]

The well-known banking trojan retools for stealth with a whole new attack routine, including using ads for Microsoft TeamViewer and Zoom to lure victims in. [...]

The security vulnerabilities bring the web behemoth up to 10 browser zero-days found so far this year. [...]

The security vulnerability can be exploited with a malicious CSV file. [...]

The incident raises considerations for security for critical data housed in third-party infrastructure, researchers say. [...]

The malware appeared in August with an ambitious roadmap (think ransomware, DDoS) that could make it 'the most feature-rich Android malware on the market.' [...]

A chain of exploits could allow a malicious Azure user to infiltrate other customers' cloud instances within Microsoft's container-as-a-service offering. [...]

An authentication bypass vulnerability in the ManageEngine ADSelfService Plus platform leading to remote code execution offers up the keys to the corporate kingdom. [...]

An authentication bypass vulnerability leading to remote code execution offers up the keys to the corporate kingdom. [...]

The Demon's Cries, Draconian Fear and Seventh Inferno security bugs are high-severity entryways to corporate networks. [...]

Patch now: The popular biz-collaboration platform is seeing mass scanning and exploitation just two weeks after a critical RCE bug was disclosed. [...]

The first half of 2021 saw 1.5 billion attacks on smart devices, with attackers looking to steal data, mine cryptocurrency or build botnets. [...]

The financially motivated group looked to steal payment-card data from a California-based point-of-sale service provider. [...]

The BrakTooth set of security vulnerabilities impacts at least 11 vendors' chipsets. [...]

A design flaw involving Google Timeline could allow someone to track another device without installing a stalkerware app. [...]

Users should be careful whose pics they view and should, of course, update their apps. [...]

Two vulnerabilities in the site-building plugin could be useful tools in the hands of a skilled attacker, researchers warned. [...]

A pair of unpatched security vulnerabilities can allow unauthenticated cyberattackers to turn off window, door and motion-sensor monitoring. [...]

The popular Dynamic Pricing and Discounts plugin from Envato can be exploited by unauthenticated attackers. [...]

The bug (CVE-2021-33766) is an information-disclosure issue that could reveal victims' personal information, sensitive company data and more. [...]

It's unclear if Microsoft customers were breached during the months-long period where the #ChaosDB bug in Jupyter Notebooks was exploitable. [...]

The issue affects a range of Cisco Wireless-N and Wireless-AC VPN routers that have reached end-of-life. [...]

The apps attempt to swindle users into buying in-app upgrades or clicking on masses of ads. [...]

The OS command-injection bug, in the web application firewall (WAF) platform known as FortiWeb, will get a patch at the end of the month. [...]

Fresh attacks target companies' employees, promising millions of dollars in exchange for valid account credentials for initial access. [...]