Apple has removed one of its top 10 grossing productivity apps after an independent developer’s story about fraudsters’ abuse of the App Store’s Search Ads functionality went viral.

In its annual National Exposure Index report, Rapid7 found 160 million computers, IoT devices and servers with open ports that should not be exposed to the public network.

Microsoft released patches on Tuesday for unsupported versions of Windows, a decision prompted by three NSA exploits that remained unaddressed from April’s ShadowBrokers leak.

Microsoft patched 95 vulnerabilities today, including two under attack.

Citing an elevated risk for destructive attacks, Microsoft today included patches for vulnerabilities in Windows XP among its Patch Tuesday updates.

Adobe fixed 21 vulnerabilities across four products – Flash, Shockwave Player, Captivate, and Adobe Digital Editions – on Tuesday.

Patrick Wardle of Synack and the Objective-See blog talks to Mike Mimoso about the emergence of a ransomware service targeting MacOS machines. Wardle explains why he characterizes MacRansom as “lame” and whether this could kick off a wave of copycats vying for the Apple platform.

A campaign attributed to the FIN7 attackers targets restaurants with phishing emails and infected RTF Word documents that carry out fileless malware attacks.

A new, free macOS-based ransomware as a service has surfaced on the darkweb. Researchers say once the malware encrypts users’ files, they’re “pretty much gone for good.”

Researchers say sensitive data can be extracted from air-gapped networks via a wireless router’s blinking LEDs.