F5 Labs has detected a WireX variant capable of launching UDP flood DDoS attacks.

The Onliner spambot, Google’s forthcoming Not Secure warnings for Chrome, the WireX botnet, Sarahah privacy and more are discussed.

A large botnet of Android devices called WireX is responsible for large-scale application-layer DDoS attacks against businesses in the hospitality, porn and gambling industries.

The anonymous messaging app Sarahah says it plans to remove a feature that uploads users contacts, including phone numbers and email addresses to the company’s servers, in the next update.

Zerodium announced new $500,000 payouts for zero days in secure messaging apps such as Signal, WhatsApp and others.

More than 500 Android mobile apps have been removed from Google Play after it was discovered that an embedded advertising SDK called Igenix could be leveraged to quietly install spyware on devices.

Despite yesterday’s leak of the Apple iOS Secure Enclave decryption key, experts are urging calm over claims of an immediate threat to user data.

A hacker identified only as xerub published the decryption key unlocking the iOS Secure Enclave Processor.

A spyware family called SonicSpy was found on three apps available on the Google Play store as well as on more than 1,000 apps available on third-party app stores.

Google’s August Android Security Bulletin featured patches for nearly a dozen remote code execution bugs impacting Google’s Pixel and Nexus handsets.