Apps like eHarmony and MeetMe are affected by a flaw in the Agora toolkit that went unpatched for eight months, researchers discovered. [...]

The popular plugin is installed on more than 1 million websites, and has four flaws that allow various kinds of serious attacks, including site takeover and email hijacking. [...]

A new version of the Masslogger trojan has been targeting Windows users - now using a compiled HTML (CHM) file format to start the infection chain. [...]

Public disclosure of a privilege escalation attack details how a cybergang bypassed browser iframe sandboxing with malicious PostMessage popups. [...]

TikTok is again in hot water for how the popular video-sharing app collects and shares data - particularly from its underage userbase. [...]

The open CA prepares for ‘worst scenarios’ with new fiber, servers, cryptographic signing and more. [...]

The volume of attacks fell 31 percent in the last part of 2020, as Bitcoin values skyrocketed. But there were still several notable trends, such as a rise in Linux botnets. [...]

Hundreds of thousands of individuals are potentially affected by this vulnerability. [...]

Microsoft released a new servicing stack update (KB5001078) after an older one caused problems for Windows users installing Patch Tuesday security updates. [...]

The number of people being targeted by fake relationship-seekers has spiked during the COVID-19 pandemic. [...]

A well-crafted SMS phishing effort is harvesting personal data and credit-card details under the guise of offering tax refunds. [...]

Emails pretending to confirm hefty orders from lingerie shop Ajour Lingerie and flower store Rose World are actually spreading the BazaLoader malware. [...]

The attackers ported victims' cell phone lines and then defeated 2FA to access accounts and apps. [...]

The money being wire transferred by business email compromise victims is on the rise, as cybersecurity criminals evolve their tactics. [...]

The ransomware gang behind the hack of CD Projekt Red may be asking for $1 million opening bids for the company's valuable data. [...]

Researchers at Google and Stanford analyzed a 1.2 billion malicious emails to find out what makes users likely to get attacked. 2FA wasn't a big factor. [...]

The Code42 2021 Data Exposure Report highlights the need to adopt a new approach to data security and invest in modern Insider Risk technology. [...]

A critical vulnerability in Adobe Reader has been exploited in "limited attacks." [...]

About 3.27 billion stolen account logins have been posted to the RaidForums English-language cybercrime community in a 'COMB' collection. [...]

A patch in the NextGen Gallery WordPress plugin fixes critical and high-severity cross-site request forgery flaws. [...]

Remote work continues to fueling a spike in phishing and cyberattacks, particularly in the U.S. [...]

In a unique attack, cybercriminals locally install an extension to manipulate data in internal web applications that the victims have access to. [...]

An CRSF-to-stored-XSS security bug plagues 50,000 'Contact Form 7' Style users. [...]

Google warns of a zero-day vulnerability in the V8 open-source engine that's being actively exploited by attackers. [...]

A new DDoS botnet propagates via the Android Debug Bridge and uses Tor to hide its activity. [...]