Latest Apple Platform Security update folds iOS, macOS and hardware into security 2021 roadmap. [...]

DoppelPaymer ransomware gang claims credit for Kia’s outage, demands $20 million in double-extortion attack. [...]

A malicious website or malicious ad can trigger an exploit for the IE zero-day bug, opening the door for data theft and code execution, new analysis notes. [...]

A malicious adware-distributing application specifically targets Apple's new M1 SoC, used in its newest-generation MacBook Air, MacBook Pro and Mac mini devices. [...]

Apps like eHarmony and MeetMe are affected by a flaw in the Agora toolkit that went unpatched for eight months, researchers discovered. [...]

Jones Day, which represented Trump, said the breach is part of the Accellion attack from December. [...]

The WatchDog malware has flown under the radar for two years in what researchers call one of the 'largest' Monero cryptojacking attacks ever. [...]

The popular plugin is installed on more than 1 million websites, and has four flaws that allow various kinds of serious attacks, including site takeover and email hijacking. [...]

The feds have expanded the list of financial and political hacking crimes they allege are linked to Lazarus Group and North Korea. [...]

A new version of the Masslogger trojan has been targeting Windows users - now using a compiled HTML (CHM) file format to start the infection chain. [...]

Public disclosure of a privilege escalation attack details how a cybergang bypassed browser iframe sandboxing with malicious PostMessage popups. [...]

TikTok is again in hot water for how the popular video-sharing app collects and shares data - particularly from its underage userbase. [...]

The open CA prepares for ‘worst scenarios’ with new fiber, servers, cryptographic signing and more. [...]

The volume of attacks fell 31 percent in the last part of 2020, as Bitcoin values skyrocketed. But there were still several notable trends, such as a rise in Linux botnets. [...]

Hundreds of thousands of individuals are potentially affected by this vulnerability. [...]

Microsoft released a new servicing stack update (KB5001078) after an older one caused problems for Windows users installing Patch Tuesday security updates. [...]

Attackers can exploit SHAREit permissions to execute malicious code through vulnerabilities that remain unpatched three months after app makers were informed. [...]

The number of people being targeted by fake relationship-seekers has spiked during the COVID-19 pandemic. [...]

Researcher testing of 30 mobile health apps for clinicians found that all of them had vulnerable APIs. [...]

In a security notice, Yandex said an employee had been providing unauthorized access to users’ email accounts “for personal gain.” [...]

A well-crafted SMS phishing effort is harvesting personal data and credit-card details under the guise of offering tax refunds. [...]

The Tier 1 telecom giant was caught up in a coordinated, wide-ranging attack using unpatched security bugs in the Accellion legacy file-transfer platform. [...]

Researchers discovered credentials for the Oldsmar water treatment facility in the massive compilation of data from breaches posted just days before the attack. [...]

Emails pretending to confirm hefty orders from lingerie shop Ajour Lingerie and flower store Rose World are actually spreading the BazaLoader malware. [...]

The attackers ported victims' cell phone lines and then defeated 2FA to access accounts and apps. [...]