Threatpost

The U.S. Department of Justice indites middle-aged doctor, accusing him of being a malware mastermind.

Research indicates that organizations should make patching existing flaws a priority to mitigate risk of compromise.

Researchers say a GitHub proof-of-concept exploitation of recently announced VMware bugs is being abused by hackers in the wild.

Microsoft researchers say they are tracking a botnet that is leveraging bugs in the Spring Framework and WordPress plugins.

Wireless features Bluetooth, NFC and UWB stay on even when the device is powered down, which could allow attackers to execute pre-loaded malware.

Microsoft's May Patch Tuesday update is triggering authentication errors.

An account promoting the project—which offers a range of threat activity from info-stealing to crypto-mining to ransomware as individual modules—has more than 500 subscribers.

Researchers discovered a simple malware builder designed to steal credentials, then pinging them to Discord webhooks.

Tony Lauro, director of security technology and strategy at Akamai, discusses reducing your company's attack surface and the "blast radius" of a potential attack.

The stealthy, feature-rich malware has multistage evasion tactics to fly under the radar of security analysis, researchers at Proofpoint have found.

Dell and HP were among the first to release patches and fixes for the bug.

A novel form of phishing takes advantage of a disparity between how browsers and email inboxes read web domains.

Microsoft's May Patch Tuesday roundup also included critical fixes for a number of flaws found in infrastructure present in many enterprise and cloud environments.

Why a private college that stayed in business for 157 years had to close after the combo of COVID-19 and ransomware proved too much.

The bug has a severe rating of 9.8, public exploits are released.

The threat group has leaked data that it claims was stolen in the breach and is promising more government-targeted attacks.

Researchers say a hacker is selling access to quality malware for chump change.

A huge spike in fraudulent activities related to attacks leveraging business email accounts is a billion-dollar-problem.

In this podcast with Mackenzie Jackson, developer advocate at GitGuardian, we dive into the report and also the issues that corporations face with public leaks from groups like Lapsus and more, as well as ways that developers can keep their code safe.

Activity dubbed ‘Raspberry Robin’ uses Microsoft Standard Installer and other legitimate processes to communicate with threat actors and execute nefarious commands.