Spam distributors are using a new technique to infect users with malware, and while this attack relies on having users open Word documents, it does not involve users having to allow the execution of macro scripts.
A new method of sending spam has been created that skips your email altogether and sends it directly to your browser. This new method is called web notification spam and I have started to see numerous sites being setup to utilize this new tactic.
The campaign website of a controversial US politician was hacked last year and hosted Russian SEO spam, according to several sources.
Necurs, the world's largest spam botnet, is currently sending millions of spam emails that push an obscure cryptocurrency named Swisscoin.
Users across several countries are being targeted in a campaign that delivers a new strain of malware named Digmine that installs a Monero cryptocurrency miner and a malicious Chrome extension which helps it propagate to new victims.
A WordPress plugin installed on over 300,000 sites was recently modified to download and install a hidden backdoor. The WordPress team has intervened and removed this plugin from the official WordPress Plugins repository, also providing clean versions for affected customers.
The rise of the Satori botnet and the fall of the Andromeda (Gamarue) botnet are the main two factors that have led to a 50% growth of the Spamhaus Exploits Block List (XBL) during the past month.
A ransomware strain known as Scarab, and detected for the first time in June, is now being pushed to millions of users via Necurs, the Internet's largest email spam botnet.
In one of the weirdest things you'll hear today, a spam botnet has been randomly selecting text from a Star Wars novel and sending it to victims, alongside with download links to online gambling apps.
A Pittsburgh judge sentenced a malware dev to two years probation and no prison time for his involvement with a spam botnet.
A Facebook spam campaign is luring users to phishing pages that try to trick targets into handing over Facebook or YouTube credentials.
Malware families evolve on a daily basis, but some updates catch your eye more than others. Necurs has just gone through one of these "interesting" updates, according to US security firm Symantec.
Reports are coming in from multiple security researchers and security firms about increased activity from one of the groups spreading the Locky ransomware.
For the past two and a half months, a WordPress plugin named Display Widgets has been used to install a backdoor on WordPress sites across the Internet.
A malware group is using Facebook's CDN servers to store malicious files that it later uses to infect users with banking trojans.
A virulent spam campaign has hit Facebook Messenger during the past few days, according to recent warnings issued by Avira and Kaspersky Lab.
During the past week, there has been a sudden surge in online extortion campaigns, against regular users and security researchers alike.
A Dark Web service specialized in Jabber/XMPP spam is offering spamées the option of stopping all incoming messages for a small fee of 0.01 Bitcoin, which comes down to around $25.
The Locky ransomware is back, spreading via a massive wave of spam emails distributed by the Necurs botnet, but the campaign appears to be a half-baked effort because the ransomware is not able to encrypt files on modern Windows OS versions, locking files only on older Windows XP & Vista machines.