The highly sophisticated operation shares code with the Hermes malware, and may be linked to the Lazarus Group APT actor.

Sloppy Android developers not following security guidelines for external storage opens the door to device takeover and more.

A massive proxy botnet is just the tip of the iceberg, a warning sign of a bigger operation in the works by the Ramnit operators.

A criminal posing as a legitimate website publisher on the AdsTerra online advertising network is using maliciously gathered traffic to deliver victims to exploit kits.

The Feds say Marcus Hutchins is behind both the UPAS Kit backdoor and the Kronos banking trojan.

The move adds to Google’s efforts against malicious apps on the Play store.

Patches are available—and should be applied—that address a critical vulnerability in Windows Search that some are calling the next WannaCry. Others aren’t so ready to do that.

Over the course of two months last year the Copycat malware infected 14 million Android devices and rooted more than half of them, roughly eight million devices.

Check Point has toned down its initial estimates on the number of Fireball malware infections from 250 million machines and 20 percent of corporate networks to 40 million computers.

Mike Mimoso and Chris Brook recap the news of the week, including the EternalRocks worm, the latest on WannaCry, a subtitle hack, and a Twitter flaw.