Автор: Becky Bracken, Senior Editor, Dark Reading

Law enforcement across mainland China have been using EagleMsgSpy surveillance tool to collect mobile device data since at least 2017, new research shows.

Researchers demonstrate how to hack Ruijie Reyee access points without Wi-Fi credentials or even physical access to the device.

Threat actors punch holes in the company’s online ordering systems, tripping up doughnut deliveries across the US after a late November breach.

Scammers set up call centers in luxury rentals to run bank help-desk fraud, as well as large-scale phishing campaigns, across at least 10 European countries, according to law enforcement.

An FBI operation nabbed a member of the infamous cybercrime group, who is spilling the tea on ‘key Scattered Spider members’ and their tactics.

At least 17 affiliate groups have used the "DroidBot" Android banking Trojan against 77 financial services companies across Europe, with more to come, researchers warn.

Enterprise cybersecurity teams tell Omdia’s Maxine Holt that they want to dig out from underneath mounting tech and pivot to a simpler platform model — but they are finding that tricky to pull off.

GenAI’s 30%-50% coding productivity boost comes with a downside — it’s also generating vulnerabilities. Veracode’s Chris Wysopal talks about what he finds out in this News Desk interview during Black Hat USA.

New analysis says law enforcement efforts against Russian-language ransomware-as-a-service (RaaS) infrastructure helped consolidate influence behind BlackBasta, but some experts aren’t so sure the brand means that much.

In addition to XSS, MITRE and CISA’s 2024 list of the 25 most dangerous security vulnerability types (CWEs) also flagged out-of-bounds write, SQL injection, CSRF, and path traversal.