The GoDaddy breach affecting 1.2 million customers has widened – it turns out that various subsidiaries that resell GoDaddy Managed WordPress services were also affected.

Researchers are raising the alarm over a phishing email kicking off a Halloween-themed MICROP ransomware offensive, which they observed making its way to a target’s inbox despite its being secured by an SEG.

The campaign appears to be targeting only employees working in the Middle East as “a single campaign” in a series of similar, SharePoint-themed phishing scams, researcher Chad Anderson wrote.

Kaspersky’s researchers observed various lures aimed at targets, depending on their current streaming subscription status. Fake sign-up pages were used to pry email addresses and credit-card data.

A critical security bug in the Citrix Application Delivery Controller (ADC) and Citrix Gateway could allow cyberattackers to crash entire corporate networks without needing to authenticate.

Researchers have developed an exploit to gain remote code execution via a massive vulnerability in a security appliance from Palo Alto Networks, potentially exposing 10,000 vulnerable firewalls.

Researchers have discovered 14 critical vulnerabilities in a popular program used in embedded Linux apps, all of which allow for denial of service and 10 that also enable remote code execution.

The surge in DDoS attacks signal a re-distribution of tactics by malicious actors away from cryptomining and toward the use of DDoS as a tool of intimidation, disinformation, and extortion.

The discovery of the common initial access broker has revealed a tangled web of related attack infrastructure underpinning disparate (and in some cases rival) malware campaigns.

CISA is urging vendors to patch, given the release of public exploit code and a proof-of-concept tool for bugs that open billions of devices – phones, PCs, toys, etc. – to DoS & code execution.