The money being wire transferred by business email compromise victims is on the rise, as cybersecurity criminals evolve their tactics. [...]

Research from Zscaler ThreatLabZ shows attackers using spam emails and legitimate-looking links to gaming software to serve up Epsilon ransomware, the XMRrig cryptominer and various data and token stealers. [...]

The two malware families have sophisticated capabilities to exfiltrate SMS messages, WhatsApp messaging content and geolocation. [...]

The critical SAP cybersecurity flaw could allow for the compromise of an application used by e-commerce businesses. [...]

The ransomware gang behind the hack of CD Projekt Red may be asking for $1 million opening bids for the company's valuable data. [...]

Researchers at Google and Stanford analyzed a 1.2 billion malicious emails to find out what makes users likely to get attacked. 2FA wasn't a big factor. [...]

Intel is warning on security bugs across its graphics drivers, server boards, compute modules and modems. [...]

The Code42 2021 Data Exposure Report highlights the need to adopt a new approach to data security and invest in modern Insider Risk technology. [...]

Ethical hacker Alex Birsan developed a way to inject malicious code into open-source developer tools to exploit dependencies in organizations internal applications. [...]

Microsoft addressed 56 security vulnerabilities for February Patch Tuesday -- including 11 critical and six publicly known. And, it continued to address the Zerologon bug. [...]

A barcode scanner with 10 million downloads is removed from Google Play marketplace after ad blitz hits phones. [...]

A critical vulnerability in Adobe Reader has been exploited in "limited attacks." [...]

The LodaRAT - known for targeting Windows devices - has been discovered also targeting Android devices in a new espionage campaign. [...]

CD Projekt Red was hit with a cyberattack (possibly the work of the "Hello Kitty" gang), and the attackers are threatening to release source code for Witcher 3, corporate documents and more. [...]

A threat actor remotely accessed the IT system of the water treatment facility of Oldsmar and raised the levels of sodium hydroxide in the water, an action that was quickly noticed and remediated. [...]

About 3.27 billion stolen account logins have been posted to the RaidForums English-language cybercrime community in a 'COMB' collection. [...]

A patch in the NextGen Gallery WordPress plugin fixes critical and high-severity cross-site request forgery flaws. [...]

Remote work continues to fueling a spike in phishing and cyberattacks, particularly in the U.S. [...]

In a unique attack, cybercriminals locally install an extension to manipulate data in internal web applications that the victims have access to. [...]

The ransomware attack, affecting OT systems, resulted in some of WestRock's facilities lagging in production levels. [...]

Claroty reports that adversaries, CISOs and researchers have all turned their attention to finding critical security bugs in ICS networks. [...]

An CRSF-to-stored-XSS security bug plagues 50,000 'Contact Form 7' Style users. [...]

Google warns of a zero-day vulnerability in the V8 open-source engine that's being actively exploited by attackers. [...]

Eletrobras, the largest power company in Latin America, faces a temporary suspension of some operations. [...]

A new DDoS botnet propagates via the Android Debug Bridge and uses Tor to hide its activity. [...]