A second vulnerability could be used to prevent access to almost all of a site’s existing content, by simply redirecting visitors.

The zero-day Zoom flaws could give local, unprivileged attackers root privileges, and allow them to access victims’ microphone and camera.

An old RAT learns an old trick.

Phishing and zero-days continue to be a core part of the APT arsenal.

The vulnerability can be exploited to reveal limited traffic data including a device’s IP address.

CVE-2020-10245, a heap-based buffer overflow that rates 10 out of 10 in severity, exists in the CODESYS web server and takes little skill to exploit.

The malware, the work of a new APT called TwoSail Junk, allows deep surveillance and total control over iOS devices.

Threatpost Senior Editor Tara Seals is joined by Russ Mohr, engineer and Apple evangelist at MobileIron along with Jerry Ray, COO at SecureAge, for a discussion about the now postponed Tokyo Games and its use of 5G and the myriad of security concerns Japan is preparing for.

Apple's security update included a slew of vulnerabilities in various components of iOS, macOS and Safari – the most severe of which could enable remote code execution.

Researchers say that APT41's exploits are part of one of the broadest espionage campaigns they've seen from a Chinese-linked actor "in recent years."

And no, Microsoft said, none of our verified accounts have been hijacked, vehemently denying early reports.

Every once in a while an attack comes along that is so simple to set up, and yet so effective, that it makes your jaw drop. Here's one.

Microsoft has announced a list of new security and privacy features it plans to add to forthcoming versions in an effort to take on its rivals.

Marriott International has today announced that it has suffered a data breach affecting up to 5.2 million people.

OpenWrt is an open source operating system used by millions of home and small business routers and embedded devices.

The source code for ransomware-as-a-service strain Dharma has been put up for sale by hackers.

Where did it all come from? 4.9m records were posted on a hacking forum – and the country only has an estimated population of 3.7m.

They have a way to inject 'good' data – i.e., accurate COVID-19 news or security patches – to outpace the spread of fake news or malware.

No, we don't know why people start hoaxes like this. You can do your bit by not forwarding them, not even "just in case".

The only backup you will ever regret… is the one you didn't make