Tag: Cisco Talos
Cyberattackers have used a bogus mobile device management (MDM) system to target a small – but presumably high-value – set of iPhones in India in a cyberespionage campaign that has some unusual hallmarks.
The actors behind this kind of code, whether they're bent on sending a political message or simply want to cover their tracks after data exfiltration, have adopted various techniques to carry out those activities.
Crypto mining botnets provide a stealthy way to generate big bucks, without the downsides of ransomware.
Researchers warned Monday of two remote code execution vulnerabilities in FreeXL that could let an attacker execute code with local user privileges.
Microsoft is opting to stand pat and not fix a content security bypass vulnerability in its Edge browser, something researchers warn could potentially lead to the disclosure of confidential information.
Adversaries are using the SMB communications channel to launch template injection attacks against the energy sector, including nuclear facilities.
Cisco has uncovered a remote administration tool called Konni that it says has been used in attacks against government agencies and public organizations linked to North Korea.
Two recent fileless malware campaigns targeting financial institutions, government agencies and other enterprises have been linked to the same attack group.
While probes looking for vulnerable Apache Struts 2 deployments continue, malicious traffic has tapered off, researchers at Rapid7 said.
Apache administrators are urged to immediately upgrade the Struts 2 web application framework to address a remote code execution flaw under public attack.