As many as 100,000 of the music streaming service's customers could face account takeover. [...]

The vulnerabilities exist in Cisco's RV160, RV160W, RV260, RV260P, and RV260W VPN routers for small businesses. [...]

A savvy phishing campaign manages to evade native Microsoft security defenses, looking to steal O365 credentials. [...]

Feds charged California-based private detective for stealing $11M from investors, with help from actor Steven Seagal. [...]

The sophisticated backdoor steals SSH credentials for servers in academic and scientific high-performance computing clusters. [...]

An e-commerce credit-card skimmer is being used by a second skimmer to steal payment data - and both are on Costway's website. [...]

Cases reported to the FTC doubled last year as cybercriminals took advantage of increased filing for government relief benefits due to the pandemic. [...]

Enhanced Explosive RAT and Caterpillar tools are at the forefront of a global espionage campaign. [...]

The flaw could have let attackers send out custom newsletters and delete newsletter subscribers from 200,000 affected websites. [...]

Two new phishing tactics use the platform's automated responses to evade email filters. [...]

The Pro-Ocean cryptojacking malware now comes with the ability to spread like a worm, as well as harboring new detection-evasion tactics. [...]

A phishing kit has been found running on at least 700 domains - and mimicking services via false SharePoint, OneDrive and Office 365 login portals. [...]

A growing number of cybersecurity vendors like CrowdStrike, Fidelis, FireEye, Malwarebytes, Palo Alto Networks and Qualys are confirming being targeted in the espionage attack. [...]

A new version of NAT slipstreaming allows cybercriminals an easy path to devices that aren't connected to the internet. [...]

The personal data of 66,000 users was left wide open on a misconfigured Elasticsearch server, joining a growing list of companies with leaky clouds. [...]

Cook County, Ill., home to Chicago, has left a database exposed since at least September that contained sensitive criminal and family-court records. [...]

Hackers masquerade as security researchers to befriend analysts and eventually infect fully patched systems at multiple firms with a malicious backdoor. [...]

The ShinyHunters hacking group offer a raft of information, from location and contact info to dating preferences and bodily descriptions, as a free download. [...]

The high-severity security vulnerability (CVE-2021-1257) allows cross-site request forgery (CSRF) attacks. [...]

The new tools on Chrome and Edge will make it easier for browser users to discover - and change - compromised passwords. [...]

The "KindleDrip" attack would have allowed attackers to siphon money from unsuspecting victims. [...]

A former ADT employee pleads guilty of accessing customers’ cameras so he could spy on them. [...]

The CursedGrabber malware has infiltrated the open-source software code repository. [...]

Researchers warn that attackers are collecting reconnaissance for future business email compromise attacks using Google Forms. [...]

A phishing campaign spoofs Xerox notifications to lure victims into clicking on malicious HTML attachments. [...]