A new card skimmer has been found using an innovative technique to inject highly convincing PayPal iframes and hijack the checkout process on compromised online stores.

Kaspersky’s security researchers stumbled across a new PowerShell backdoor by the DeathStalker group that has several anti-detection tactics from mouse movements detection to MAC addresses filtering.

Google patched ten critical bugs as part of its December updates. The worst of the bugs was tied to the Android media framework component and gives attackers remote control of vulnerable devices.

API security platform provider Salt Security announced on Tuesday that it has raised $30 million in Series B funding led by Sequoia Capital, with participation from existing investors Tenaya Capital, S Capital VC, and Y Combinator.

Personal details, including phone numbers and email addresses of 7 million Indian debit and credit cardholders, have been circulating on the dark web, an Internet security researcher alerted.

The Apache Software Foundation has released a security update to address a “possible remote code execution” flaw in Apache Struts 2 that is related to the OGNL technology.

CheckPoint’s latest Global Threat Index for November 2020 has revealed that there has been a new surge in infections by the well-known Phorpiex botnet which has made it the month’s most prevalent malware.

Cloudflare’s Tanya Verma and Sudheesh Singanamalla announced support for the new standard, which separates IP addresses from queries, a measure that, it is hoped, will mask requests and make it more difficult for users to be tracked online.

The cyber-criminal groups behind some of the most notorious and damaging ransomware attacks are using the same tactics and techniques as nation-state-backed hacking operations.

APT28, one of Russia’s military hacking units, was most likely responsible for hacking the email accounts of the Norwegian Parliament, the Norwegian police secret service (PST) said.