Enlarge / Never put a GriftHorse on your phone. John Lamparsky | Getty Images reader comments 26 with 21 posters participating Share this story Google has taken increasingly sophisticated steps to keep malicious apps out of Google Play. But a new round of takedowns involving about 200 apps and more than 10 million potential victims… Read More »
reader comments 45 with 33 posters participating Share this story Scammers have been caught using a clever sleight of hand to impersonate the website for the Brave browser and using it in Google ads to push malware that takes control of browsers and steals sensitive data. The attack worked by registering the domain xn--brav-yva[.]com, an… Read More »
reader comments 95 with 61 posters participating Share this story As many as 1,500 businesses around the world have been infected by highly destructive malware that first struck software maker Kaseya. In one of the worst ransom attacks ever, the malware, in turn, used that access to fell Kaseya’s customers. The attack struck on Friday… Read More »
Mateusz Slodkowski/SOPA Images/LightRocket via Getty Images reader comments 62 with 50 posters participating Share this story Google has given the boot to nine Android apps downloaded more than 5.8 million times from the company’s Play marketplace after researchers said these apps used a sneaky way to steal users’ Facebook login credentials. In a bid to win… Read More »
reader comments 47 with 39 posters participating Share this story Microsoft gave its digital imprimatur to a rootkit that decrypted encrypted communications and sent them to attacker-controlled servers, the company and outside researchers said. The blunder allowed the malware to be installed on Windows machines without users receiving a security warning or needing to take… Read More »
Getty Images reader comments 70 with 58 posters participating Share this story Counterfeit packages downloaded roughly 5,000 times from the official Python repository contained secret code that installed cryptomining software on infected machines, a security researcher has found. The malicious packages, which were available on the PyPI repository, in many cases used names that mimicked… Read More »
reader comments 69 with 54 posters participating Share this story A researcher has uncovered one of the more unusual finds in the annals of malware: booby-trapped files that rat out downloaders and try to prevent unauthorized downloading in the future. The files are available on sites frequented by software pirates. Vigilante, as SophosLabs Principal Researcher… Read More »
reader comments 56 with 35 posters participating, including story author Share this story Researchers have discovered yet another massive trove of sensitive data, a dizzying 1.2TB database containing login credentials, browser cookies, autofill data, and payment information extracted by malware that has yet to be identified. In all, researchers from NordLocker said on Wednesday, the… Read More »
reader comments 12 with 9 posters participating, including story author Share this story Malicious hackers have been exploiting a vulnerability in fully updated versions of macOS that allowed them to take screenshots on infected Macs without having to get permission from victims first. The zeroday was exploited by XCSSET, a piece of malware discovered by… Read More »
Getty Images reader comments 63 with 54 posters participating Share this story When Apple released the latest version 11.3 for macOS on Monday, it didn’t just introduce support for new features and optimizations. More importantly, the company fixed a zero-day vulnerability that hackers were actively exploiting to install malware without triggering core Mac security mechanisms,… Read More »