#Breach

Researchers found that one critical flaw in question is exploitable from the browser, allowing watering-hole attacks.

The incident triggered shutdowns at pumps across the country as attackers flashed the phone number of Supreme Leader Ali Khamenei across video screens.

Kaspersky researchers saw The North Korean state APT use a new variant of the BlindingCan RAT to breach a Latvian IT vendor and then a South Korean think tank.

New software and code stand at the core of everything we do, but how well is all of this new code tested? Luckily, autonomous application security is here.

Manipulated Craigslist emails that abuse Microsoft OneDrive warn users that their ads contain ‘inappropriate content.”

The misbehaving Firefox add-ons were misusing an API that controls how Firefox connects to the internet.

UltimaSMS leverages at least 151 apps that have been downloaded collectively more than 10 million times, to extort money through a fake premium SMS subscription service.

No security defense is perfect, and shadow IT means no company can inventory every single asset that it has. David “moose” Wolpoff, CTO at Randori, discusses strategies for core asset protection given this reality.

An SQL-injection bug in the BQE Web Suite billing app has not only leaked sensitive information, it’s also let malicious actors execute code and deploy ransomware.

The Nobelium group, linked to Russia's spy agency, is looking to use resellers as a path to infiltrate their valuable downstream customers - and it's working.