The new malware family was seen pretending to be an official Italian app, called Immuni.
Passwords and other credentials have been listed on Have I Been Pwned as attack rumors circulate.
a malicious app installed on a device can hide behind legitimate apps.
An updated version of the ComRAT malware was discovered in attacks on governmental targets.
Latest version of UnC0ver uses unpatched zero-day exploit to take complete control of devices, even those running iOS 13.5.
Even seeing data breaches in the news, more than half of consumers are still reusing passwords.
A lack of awareness about where and how open-source libraries are being used is problematic, researchers say.
Attackers used malicious Excel 4.0 documents to spread the weaponized NetSupport RAT in a spear-phishing campaign.
The meal-kit company's customer records were leaked as part of the Shiny Hunters breach.
An investigation traces an NSO Group-controlled IP address to a fake Facebook security portal.
Government and air transportation companies in Kuwait and Saudi Arabia were targeted in a recent attack tracked back to the Chafer APT.
Looking for niche anomalies in an automated way with AI and machine learning is the future.
Cisco has fixed a critical remote code-execution flaw in its popular customer interaction management solution.
The malware-as-a-service is advanced, obfuscated and modular -- and built for mass campaigns.
Cybercriminals are hunting out victims' Office 365 credentials -- by dishing out Supreme court "summons" in a phishing attack.
Cybercriminals are taking advantage of the Google name and the cloud to convince victims into handing over their login details.
The operators behind the Toll Group attack are taking applications for technically advanced partners.
The business email compromise (BEC) gang Scattered Canary has filed more than 200 fraudulent claims for unemployment benefits and for COVID-19 relief funds.
Threatpost talks to Verizon DBIR co-author Gabriel Bassett about the top takeaways from this year's Data Breach Investigations Report.
The threat actor known as ‘Sanix’ had terabytes of stolen credentials at his residence, authorities said.
The First Stop For Security NewsSubscribe to Alerts feed