Cybercriminals were found shuffling payloads once again. Security analysts reported two banking trojans being used alternatively to deliver various ransomware strains as the final payload in recent attacks.

Roughly half a million Huawei users reportedly downloaded applications hosting the Joker malware that subscribes the victims to unwanted premium mobile services.

Security experts recently discovered that ransomware groups have now upgraded to newer tools and strategies to hinder and complicate forensic investigations.

Attackers are promoting sites impersonating the Microsoft Store, Spotify, and an online document converter that distribute malware to steal credit cards and passwords saved in web browsers.

CVE-2020-28592 and CVE-2020-28593 are remote code execution vulnerabilities that could allow an attacker to remotely inject code into the device to change temperatures, cooking times, and settings.

To mitigate the vulnerability tracked as CVE-2021-22893 (with a 10/10 severity score), Pulse Secure advises customers with gateways running PCS 9.0R3 and higher to upgrade to the 9.1R.11.4 release.

To facilitate the moderation process in Facebook and bypass its scam filters, scammers used shortened links created with the help of such services as linktr.ee, bit.ly, cutt.us, cutt.ly, and rb.gy.

An attacker could exploit CVE-2021-26560, CVE-2021-26561, and CVE-2021-26562 with a man-in-the-middle technique to gain the ability to remotely execute code on the targeted device.

A Chrome vulnerability exploit published online last week has been weaponized and abused to attack WeChat users in China, a local security firm Qingteng Cloud Security reported on Friday.

Mandiant launched a spear-phishing attack to gain a foothold in the target enterprise network using a malicious Microsoft Office email attachment and an embedded malicious link.