A Pakistani threat actor successfully socially engineered a number of ministries in Afghanistan and a shared government computer in India to steal sensitive Google, Twitter, and Facebook credentials from its targets.

E-commerce platforms in the U.S., Germany, and France have come under attack from a new malware targeting Nginx servers to masquerade its presence and slip past detection by security solutions.

Meta said more than 1.5 million accounts have enabled Facebook Protect to date, of which nearly 950,000 accounts turned on 2FA since it began widely rolling out the feature in September 2021.

The FBI and the CISA are warning of active exploitation of a newly patched flaw in Zoho's ManageEngine ServiceDesk Plus product to deploy web shells and carry out an array of malicious activities.

Socially engineered SMS messages are being used to install malware on Android devices as part of a widespread phishing campaign that impersonates the Iranian government and social security services to make away with credit card details.

Mozilla has rolled out fixes to address a critical security weakness in its cross-platform NSS cryptographic library that could be potentially exploited by an adversary to crash a vulnerable application and even execute arbitrary code.

Four different malicious frameworks designed to attack air-gapped networks were detected in the first half of 2020 alone, bringing the total number of such toolkits to 17 and offering adversaries a pathway to cyber espionage.

A sixth member associated with an international hacking group known as The Community has been sentenced in connection with a multimillion-dollar SIM swapping conspiracy, the Justice Department said.

The two weaknesses — collectively called Printing Shellz — were discovered and reported to HP by F-Secure Labs researchers Timo Hirvonen and Alexander Bolshev on April 29, 2021.

Japanese consumer electronics giant Panasonic has disclosed a security breach wherein an unauthorized third-party broke into its network and potentially accessed data from one of its file servers.