Wikipedia and World of Warcraft Classic users reported global outages over the weekend in targeted - and connected - DDoS attacks.

Over the past year, the cyber-espionage group has attacked at least 12 other companies in the military, telecom, and satellite sectors, Symantec says.

The ransomware campaign affected 22 local governments, none of which have paid the attackers' $2.5 million ransom demand.

The U.S. Secret Service is investigating a breach at a Virginia-based government technology contractor that saw access to several of its systems put up for sale in the cybercrime underground, KrebsOnSecurity has learned. The contractor claims the access being auctioned off was to old test systems that do not have direct connections to its government partner networks.

In mid-August, a member of a popular Russian-language cybercrime forum offered to sell access to the internal network of a U.S. government IT contractor that does business with more than 20 federal agencies, including several branches of the military. The seller bragged that he had access to email correspondence and credentials needed to view databases of the client agencies, and set the opening price at six bitcoins (~USD $60,000).

A critical vulnerability found in Exim servers could enable a remote, unauthenticated attacker to execute arbitrary code with root privileges.

Attackers don't need sophisticated James Bondian hardware to break into your company. Sometimes a $99 device will do.

CCAT is on the prowl for backdoors in container environments

Apple said Google’s recent analysis of vulnerabilities found January in iOS painted a misleading picture of the scope of the attacks and the risk involved

WordPress version 5.2.3 has just appeared on the download pipe featuring half a dozen security fixes and software enhancements.

A senior executive at private browser company Brave has accused Google of using a workaround that lets it identify users to ad networks.