The bug would allow a number of malicious actions, up to and including full site takeover. The vulnerable plugin is installed on 100,000 websites. [...]

CAPTCHA-protected malicious URLs are snowballing lately, researchers said. [...]

A crush of new attacks using the well-known adware involves at least 150 updated samples, many of which aren't recognized by Apple's built-in security controls. [...]

The out-of-band warning pairs with a working proof-of-concept exploit for the issue, circulating since mid-July. [...]

Spam was on the rise in Q2, with video fraud and COVID-19-related efforts in the mix. [...]

Microsoft's August 2021 Patch Tuesday addressed a smaller set of bugs than usual, including more Print Spooler problems, a zero-day and seven critical vulnerabilities. [...]

The dangerous malware has been rapidly developed since June and could be released into the wild soon. [...]

A mere three days after disclosure, cyberattackers are hijacking home routers from 20 vendors & ISPs to add them to a Mirai-variant botnet used for carrying out DDoS attacks. [...]

The latest variants of the Monero-mining malware exploit known web server bugs and add efficiency to the mining process. [...]

Prior to a patch, a serious bug could have allowed attackers to take over Kindles and steal personal data. [...]

Security researchers warned that at least 8,800 vulnerable systems are open to compromise. [...]

A researcher was able to remotely control the lights, bed and ventilation in "smart" hotel rooms via Nasnos vulnerabilities. [...]

The second quarter of the year saw the highest volumes of ransomware attacks ever, with Ryuk leading the way. [...]

Using a lure relating to a lawsuit against the owner of Jack Daniels whiskey, the cybergang launched a campaign that may be bent on ransomware deployment. [...]

The vendor will work with customers affected by the early July spate of ransomware attacks to unlock files; it's unclear if the ransom was paid. [...]

The “Evernote for creatives” is anchoring a rapidly spiking phishing campaign, evading SEGs with ease. [...]

Misconfigured permissions for Argo's web-facing dashboard allow unauthenticated attackers to run code on Kubernetes targets, including cryptomining containers. [...]

Our roundtable of experts weighs in on implications for Apple and lawmakers in the wake of the bombshell report showing widespread surveillance of dissidents, journalists and others. [...]

The bug could allow cyberattackers to bypass security products, tamper with data and run code in kernel mode. [...]

The newly documented code is a full-service malware-delivery threat that's spreading indiscriminately globally through paid search ads. [...]

A format-string bug believed to be a low-risk denial-of-service issue turns out to be much nastier than expected. [...]

Telecom providers, including wireless carriers, are at risk of disruption of network service if the bug in SBR Carrier is exploited. [...]

Candiru, aka Sourgum, allegedly sells the DevilsTongue surveillance malware to governments around the world. [...]

The popular e-commerce platform for WordPress has started deploying emergency patches. [...]

The attackers have spruced up the 'vncDll' module used for spying on targets and stealing data. [...]