North Korean hacking group Thallium aka APT37 has targeted users of a private stock investment messenger service in a software supply chain attack, according to a report published this week.

This week a threat actor leaked data of 10,000 Mexico-based American Express credit cardholders on a forum. The finding was brought to light by threat intelligence analyst, Bank Security.

The plan sets forth how the United States government will defend the American economy through enhanced cybersecurity coordination, policies and practices, aimed at mitigating maritime cyber risks.

The campaign, first detected in December, is believed to have claimed over 6,500 victims based on the number of unique visitors to the Pastebin pages used to locate the command and control servers.

Caveonix, which was founded in 2017, announced it has raised $7.3 million in Series A funding. The round was led by First In Capital, as well as other early investors in the company.

Scammers coordinating these attacks are also actively attempting to convince potential victims to install remote administration and desktop sharing software to steal the targets’ banking information.

A group of U.S. intelligence agencies on Tuesday formally accused Russia of being linked to the recently discovered hack of IT group SolarWinds that compromised much of the federal government.

Researchers at Morphisec Labs have published fresh details about a malware variant called JSSLoaderwritten in the .NET language, that the FIN7 hacking group has used for several years.

Over 500,000 stolen credentials tied to the top 25 gaming firms were found on caches of breached data online and up for sale at criminal marketplaces, according to researchers at Kela.

T-Mobile reported a breach that compromised customer data, the company’s fourth in three years, raises questions about whether its massive merger with Sprint left the combined company more vulnerable.