The Joker premium billing-fraud malware is back on Google Play in a fresh onslaught, with an updated bag of tricks to evade scanners. [...]

The 'ModiPwn' bug lays open production lines, sensors, conveyor belts, elevators, HVACs and more that use Schneider Electric PLCs. [...]

Jen Easterly, former NSA official and Morgan Stanley vet, will take up the lead at CISA as the ransomware scourge rages on. [...]

The bugs allow a range of attacks on websites, including deleting blog pages and remote code execution. [...]

The high-severity security vulnerabilities allow elevation of privileges, leading to data theft and more. [...]

A global effort to steal information from energy companies is using sophisticated social engineering to deliver Agent Tesla and other RATs. [...]

Security vulnerabilities in the ERP platform could allow attackers to tamper with or sabotage victims' business-critical processes and to intercept data. [...]

At least 25 apps have lured in tens of thousands of victims with the promise of helping them cash in on the cryptomining craze. [...]

The apps all used an unusual tactic of loading a legitimate Facebook page as part of the data theft. [...]

REvil ransomware gang lowers price for universal decryptor after massive worldwide ransomware push against Kaseya security vulnerability CVE-2021-30116. [...]

After focusing almost exclusively on delivering ransomware for the past year, the code changes could indicate that TrickBot is getting back into the bank-fraud game. [...]

LimeVPN has confirmed a data incident, and meanwhile its website has been knocked offline. [...]

The gang's source code is now available to rivals and security researchers alike - and a decryptor likely is not far behind. [...]

A refined database of 88K U.S. business owners on LinkedIn has been posted in a hacker forum. [...]

The self-propagating malware's attack chain is complex, using former NSA cyberweapons, and ultimately drops cryptominers on targeted machines. [...]

The "PrintNightmare" bug may not be fully patched, some experts are warning, leaving the door open for widespread remote code-execution attacks. [...]

After 500 million LinkedIn enthusiasts were affected in a data-scraping incident in April, it's happened again - with big security ramifications. [...]

A survey from GSMA and Trend Micro shows a concerning lack of security capabilities for private 5G networks (think factories, smart cities, industrial IoT, utilities and more). [...]

One of the Carbanak cybergang's highest-level hackers is destined to serve seven years while making $2.5 million in restitution payments. [...]

In-the-wild XSS attacks have commenced against the security appliance (CVE-2020-3580), as researchers publish exploit code on Twitter. [...]

Beware: The swindle uses legitimately purchased YouTube ads, real liquidity, legitimate DEX Uniswap, and the real wallet extension MetaMask to create an entirely convincing fake coin gambit. [...]

Four separate security bugs would give attackers almost complete control and persistence over targeted devices, thanks to a faulty update mechanism. [...]

Remote, unauthenticated cyberattackers can infiltrate and take over the Cortex XSOAR platform, which anchors unified threat intelligence and incident responses. [...]

The LV ransomware operators likely used a hex editor to repurpose a REvil binary almost wholesale, for their own nefarious purposes. [...]

A pair of zero-days affecting Pling-based marketplaces could allow for some ugly attacks on unsuspecting Linux enthusiasts -- with no patches in sight. [...]