Russian military intelligence hackers have been exploiting a Windows vulnerability since at least 2020 according to a new Microsoft report. Here's what you need to know.

Kashmir Hill has a really good article on how GM tricked its drivers into letting it spy on them—and then sold that data to insurance companies.

Security researchers have discovered a new Android banking trojan they named Brokewell that can capture every event on the device, from touches and information displayed to text input and the applications the user launches. [...]

​The Los Angeles County Department of Health Services disclosed a data breach after thousands of patients' personal and health information was exposed in a data breach resulting from a recent phishing attack impacting over two dozen employees. [...]

Threat actors are attempting to actively exploit a critical security flaw in the WP‑Automatic plugin for WordPress that could allow site takeovers. The shortcoming, tracked as CVE-2024-27956, carries a CVSS score of 9.9 out of a maximum of 10. It impacts all versions of the plugin prior to 3.9.2.0. "This vulnerability, a SQL injection (SQLi) flaw, poses a severe threat as

The US Federal Trade Commission will send $5.6m worth of refunds to the spied-on customers of the Amazon-owned home camera company