A campaign attributed to the FIN7 attackers targets restaurants with phishing emails and infected RTF Word documents that carry out fileless malware attacks.

A new, free macOS-based ransomware as a service has surfaced on the darkweb. Researchers say once the malware encrypts users’ files, they’re “pretty much gone for good.”

Researchers say sensitive data can be extracted from air-gapped networks via a wireless router’s blinking LEDs.

Kaspersky Lab said it has seen some of the first exploits targeting a patched Samba vulnerability, and those are being used to mine Monero cryptocurrency.

Some customers are irked it took GameStop months to inform them that their personal and financial information could have been compromised in a breach of GameStop.com that began in August 2016.

Google has released a reCAPTCHA API for Android, a first for the mobile applications.

Microsoft has found a file-transfer tool used by the Platinum APT that leverages Intel Active Management Technology to stealthily load malware onto networked computers.

How EternalBlue was ported to Windows 10, a Facebook phishing study, QakBot, and this week’s Apple security announcements are all discussed.

Moto G4 and Moto G5 model Motorola phones are vulnerable to kernel command line injection vulnerabilities.

VMware fixed two critical vulnerabilities in its vSphere Data Protection solution this week that could have allowed an attacker to execute commands on the appliance, among other outcomes.