TikTok’s source code is in line with industry standards, security researchers say. [...]

The malicious app spreads the BlackRock malware, which steals credentials from 458 services - including Twitter, WhatsApp, Facebook and Amazon. [...]

A previously undocumented password and cookie stealer has been compromising accounts of big guns like Facebook, Apple, Amazon and Google since 2019 and then using them for cybercriminal activity. [...]

In a new campaign, threat actors are bundling macOS malware in trojanized Apple Xcode developer projects. [...]

The American Rescue Act is the latest zeitgeisty lure being circulated in an email campaign. [...]

A new Mimecast update reveals the SolarWinds hackers accessed several "limited" source code repositories. [...]

A major spike of attacks against higher ed, K-12 and seminaries in March has prompted the FBI to issue a special alert. [...]

A new Mirai variant is targeting known flaws in D-Link, Netgear and SonicWall devices, as well as newly-discovered flaws in unknown IoT devices. [...]

Researchers from Sucuri discovered the tactic, which creatively hides malicious activity until the info can be retrieved, during an investigation into a compromised Magento 2 e-commerce site. [...]

A year after COVID-19 was officially determined to be a pandemic, the methods and tactics used by cybercriminals have drastically changed. [...]

The threat group behind the Sodinokibi ransomware claimed to have recently compromised nine organizations. [...]

A legitimate binary for creating shortcut keys in Windows is being used to help the malware sneak past defenses, in a rash of new campaigns. [...]

As attacks double every hour, hackers are exploiting vulnerable Microsoft Exchange servers and installing a new family of ransomware called DearCry. [...]

The multinational brewing company did not say what type of incident caused a ‘systems outage,’ but it's investigating and working to get networks back online. [...]

Reports say that the agency in charge of managing Spain's unemployment benefits has been hit by the Ryuk ransomware. [...]

TrickBot rises to top threat in February, overtaking Emotet in Check Point’s new index. [...]

A spam campaign hides a malicious executable behind file archive extensions. [...]

At least 10 nation-state-backed groups are using the ProxyLogon exploit chain to compromise email servers, as compromises mount. [...]

Researchers say the new RedXOR backdoor is targeting Linux systems with various data exfiltration and network traffic tunneling capabilities. [...]

The financial cyber-gang is running limited attacks ahead of broader offensives on point-of-sale systems. [...]

A hybrid Monero cryptominer and ransomware bug has hit 20,000 machines in 60 days. [...]

Spear-phishing emails are spreading the NimzaLoader malware loader, which some say may be used to download Cobalt Strike. [...]

Despite an explosion in the sheer amount of stolen data available on the Dark Web, the value of personal information is holding steady, according to the 2021 Dark Web price index from Privacy Affairs. That leaves these thriving dirty data dealers in a familiar predicament — they need to lock …

A never-before-seen malware-dropper, Clast82, fetches the AlienBot and MRAT malware in a savvy Google Play campaign aimed at Android users. [...]

How is this even possible?...26% of companies Positive Technologies tested were vulnerable to WannaCry, which was a threat years ago, and some even vulnerable to Heartbleed. “The most frequent vulnerabilities detected during automated assessment date back to 2013­2017, which indicates a lack of recent software updates,” the …