A flaw that allows browsers to enumerate applications on a machine threatens cross-browser anonymity in Chrome, Firefox, Microsoft Edge, Safari and even Tor.
The ‘Send My’ exploit can use Apple's locator service to collect and send information from nearby devices for later upload to iCloud servers.
Malware first observed in Italy can steal victims’ credentials and SMS messages as well as livestream device screens on demand.
Statement by the ransomware gang suggests that the incident that crippled a major U.S. oil pipeline may not have exactly gone to plan for overseas threat actors.
NY's AG: Millions of fake comments – in favor and against – came from a secret broadband-funded campaign or from a 19-year-old's fake identities.
A large-scale incident earlier this week against Belnet and other ISPs has sent a wave of internet disruption across numerous Belgian government, scientific and educational institutions.
‘Freevaccinecovax.org’ claimed to be that of a biotech company but instead was stealing info from visitors to use for nefarious purposes.
Azure Defender security team discovers that memory allocation is a systemic problem that can allow threat actors to execute malicious code remotely or cause entire systems to crash.
Information stolen in April 10 ransomware attack was posted on a dark web portal and includes private documents not published as part of public records.
Two phishing attacks elude Exchange security protections and spoof real-life account scenarios in an attempt to fool victims.
A variant of Mac No. 1 threat Shlayer since January already has been exploiting the vulnerability, which allows payloads to go unchecked through key OS security features.
Even if the app is not installed or in use, threat actors can use it to spread malware through email campaigns and take over victims’ machines, new research has found.
Attacks dubbed ‘Fajan’ by researchers are specifically targeted and appear to be testing various threat techniques to find ones with the greatest impact.
The zero-day flaw research group has revised its disclosure of the technical details of vulnerabilities in the hopes of speeding up the release and adoption of fixes.
Threat actors targeted compromised Exchange servers to host malicious Monero cryptominer in an “unusual attack,” Sophos researchers discovered.