An unpatched vulnerability in the Safari web browser allows an attacker to control the content displayed in the address bar, a security researcher discovered. The method enables well-crafted phishing attacks that are difficult to spot by the average consumer.
The recent British Airways data breach affecting 380,000 individuals appears to be the work of a known adversary that infects websites with a script designed to collect payment card data.
Ever since exploit code for CVE-2018-14847 became publicly available, miscreants have launched attacks against MikroTik routers. Thousands of unpatched devices are mining for cryptocurrency at the moment.
Multiple apps developed by Trend Micro are no longer available in the Mac App Store after researchers showed they were collecting browser history and information about users' computers.
The browser extension for the Keybase app fails to keep the end-to-end encryption promised by its desktop variant as sites could see the text being types into the chat area.
It has been a quiet week with just small variants and new variants of existing ones such as Matrix. As much as we would like to see ransomware die off altogether, it is hear to stay.
Vulnerabilities in NordVPN and ProtonVPN clients allow an attacker to execute code on the affected computer with the rights of an administrator.
Apple removed today the #1 selling anti-malware app called Adware Doctor from the Mac App Store because it was gathering browsing history and other sensitive information without a user's permission and then uploading it to someone in China.
Microsoft has released Insider preview build 17755 that just fixes known issues and bugs. The bigger news is the release of an updated Your Phone app that allow you to view and reply on your Windows 10 PC to text messages that you received on your linked Android devices.
An extensive surveillance operation targets specific groups of individuals with malicious mobile apps that collect sensitive information from the device along with surrounding voice recordings.
Security researchers exploited a threat actor's poor choice for encryption and discovered a new piece of malware along with network infrastructure that links to various targeted attacks.
A new exploit kit called Fallout is being used to distribute the GandCrab ransomware, malware downloading Trojans, and other potentially unwanted programs (PUPs).
British Airways two hours ago announced the theft of customer data from its website and mobile application.
Tesla recently added to its responsible disclosure guidelines with clarifications that welcome researchers to probe software in its cars for security bugs.
Necurs botnet distributed over 780,000 emails in five campaigns earlier this year, all containing weaponized IQY files - the latest method for delivering malware.
Cisco published on Wednesday 30 security advisories on vulnerabilities identified in its products. Half of them are for high and critical severity bugs.
A Czech court recently sentenced two hackers to three years in prison for accessing Vodafone customer's mobile accounts and use them to purchase 600,000 Czech Koruna worth of gambling services. Vodafone reportedly wants the hacked victim's to pay for these charges as they were using an easy password of "1234".
Malware developers have started to use the zero-day exploit for Windows Task Scheduler component, two days after proof-of-concept code for the vulnerability appeared online.