Malware authors are increasingly using rarely spotted programming languages such as Go, Rust, Nim and DLang in order to create new tools and to hinder analysis, researchers have found.

Discord has a malware problem. And although the platform is predominantly used by gamers, it turns out even users who have never interacted with the platform are at risk.

Financial cybercrime gang FIN7 has resurged after the jailing of some members, launching a campaign that uses as a lure a legal complaint involving the liquor company that owns Jack Daniels whiskey.

The Milanote app has attracted the notice of cybercriminals who are abusing it to carry out credential-stealing campaigns that bypass secure email gateways (SEGs), researchers said.

A never-before-documented Windows malware strain dubbed MosaicLoader is spreading worldwide, acting as a full-service malware-delivery platform that’s being used to infect victims with RATs, Facebook cookie stealers, and other threats.

Families mourning the loss of loved ones to the partial collapse of the Champlain Towers South condo building in Surfside, Fla. are now being targeted in a new identity-theft scheme.

A critical remote code-execution vulnerability in Juniper Networks’ Steel-Belted Radius (SBR) Carrier Edition lays open wireless carrier and fixed operator networks to tampering.

Criminal communications in underground forums offer critical clues about which known CVEs threat actors are most focused on. This, in turn, offers defenders clues on what to watch out for.

For the first time, researchers have publicly spotted a Linux encryptor used by the HelloKitty ransomware gang: the outfit behind the February attack on videogame developer CD Projekt Red.

A cryptojacking gang that’s likely based in Romania is using a never-before-seen SSH brute-forcer dubbed “Diicot brute” to crack passwords on Linux-based machines with weak passwords.