The European operations of its subsidiary Daihatsu Diesel Company were hit by an attack, while the Toyota subsidiary Auto Parts Manufacturing Mississippi also revealed a ransomware attack.

A malware campaign that has been undergoing constant development in its toolsets since February now boasts of four different malware versions – all of which start with an AHK executable that leads to the different VBScripts.

In case studies published by Armorblox, it highlighted two Amazon vishing attacks intent on stealing customer credit card details — and how the use of voice messages can bypass existing spam filters.

GlobalPlatform has expanded its Trusted Execution Environment (TEE) security certification scheme to enable evaluation of discrete technologies that come together to make up a complete TEE solution.

Researchers from the Wordfence Threat Intelligence discovered a Time-Based Blind SQL Injection vulnerability in WP Statistics, which is a WordPress plugin with over 600,000 active installs.

The findings come from a study of 23 Android apps on the Google Play Store, some of which garnered 10,000 to 10 million downloads, such as Astro Guru, iFax, Logo Maker, Screen Recorder, and T’Leva.

Owners of Eufy home security cameras were warned this week of an internal server bug that allowed strangers to view, pan, and zoom in on their home video feeds for approximately one day.

Joseph Blount, Colonial Pipeline’s CEO, told the Wall Street Journal he authorized the payment because the firm didn’t know the extent of the damage and wasn’t sure how long it would take to recover.

Google is launching a new capability in Chrome to alert users when a password is compromised and automate the process of updating to a new one. The feature runs on Google’s Duplex technology.

The integer overflow vulnerability exists in the way macOS SMB server processes SMB3 compounded packets. An attacker could exploit this vulnerability by sending a specially crafted packet.