Actors are using malicious RubyGems packages in a supply chain attack to steal cryptocurrency from potential victims. Such attempts by cyber adversaries signal growing threats from various software components.

IBM Trusteer researchers laid bare an automated mobile fraud operation that initiated illicit transactions and stole millions from the bank accounts of thousands of customers.

Less-popular web browsers and email clients are under attack by the infamous keylogger Agent Tesla, which is also expanding in its targets with improved data exfiltration features.

Workplace pension provider NOW: Pensions has emailed 1.7 million UK customers to warn about a data leakage caused by contractor error involving the posting of user data to a “public software forum”.

Security researchers have identified a new phishing campaign using a message purportedly from the New York Department of Labor to trick people into giving the attackers personal data.

IMF researchers hinted at the possibility of using a user’s browsing history, including search and purchasing data, for more accurately determining the person or business’ credit rating.

Researchers discovered two critical security vulnerabilities in Dell Wyse Thin clients that could have potentially allowed attackers to remotely execute malicious code and access arbitrary files.

The tech giants on Monday joined Facebook’s legal battle against hacking company NSO, filing an amicus brief in federal court that warned that the Israeli firm’s tools were “powerful, and dangerous.”

Dozens of email accounts at the U.S. Treasury Department were compromised by hackers in the recent cyber-espionage campaign, the office of U.S. Senator Ron Wyden said on Monday.

According to researchers at Armis, around 97 percent of the OT devices affected by URGENT/11 (a group of vulnerabilities) are not patched, even though fixes are being delivered.