The code is integrated with at least three exploits that target unpatched IoT devices, including closed-circuit cameras and Netgear routers.

The U.S. Senate gave the nod to restoring the 2015 Open Internet Order, putting net neutrality on the fast track to a House vote.

A type of card-not-present fraud is spreading throughout the Latin American underground, uniting groups of malefactors in a communal effort to perpetrate it as widely as possible.

Threatpost editors Tom Spring, Tara Seals and Lindsey O’Donnell discuss the week’s information security news.

A recently discovered malware steals cache data and messaging sessions from the desktop version of encrypted messaging service Telegram.

Researchers created a proof-of-concept attack that allows remote attackers to access protected APIs to extract credentials.

The Sun Team APT, likely linked to North Korea, uses Google Play and Facebook as attack vectors.

An array of malicious Android apps purporting to be popular game Fortnite are instead harvesting call logs and downloading cryptomining malware.

A team of academic researchers has demonstrated that it’s possible to possible to closely mimic legitimate voice commands in order to carry out nefarious actions on these home assistants.

The company urges customers to patch three vulnerabilities that received the highest severity rating of 10.