Security researchers have discovered a new email spam campaign that tries to get users to open up Word document attachments that downloads a password stealer as its final payload.
A strange spam campaign that targets Apple customers has been found distributing phishing emails containing an Apple receipt that bills US$ 9.99 (£7) to an Edward Snowden residing at a US address.
Cyber-criminals are using a malware spam campaign to exploit a remote code execution vulnerability in Microsoft Office to download and execute malicious scripts on victims' systems.
More than 5,000 sites, including sites belonging to the NHS, ICO, local councils and the Student Loans Company were hit by a cryptocurrency mining campaign that exploited a popular plug-in to infect sites with a malicious script.
Researchers are reporting that an increasingly sophisticated North Korean hacking group is responsible for an attack campaign exploiting CVE-2018-4878, a critical use-after-free flaw in Flash Player that has not yet been patched.
Researchers have uncovered a two-year-old cyber-espionage campaign that's been infecting Ukrainians with either a newly discovered remote access tool called Vermin or the more established Quasar RAT.
A malvertising campaign was observed exploiting Google's DoubleClick network to deliver silent cryptominers on high-traffic sites.
A newly discovered malicious URL redirection campaign that infects users with the XMRig Monero cryptocurrency miner has already victimised users between 15 and 30 million times, researchers have reported.
Forcepoint researchers spotted a malware laden spam campaign, similar to Necurs, using compromised FTP sites instead of the usual HTTP link as download locations for malicious documents.
Malwarebytes researcher Jerome Segura analysed a RIG exploit campaign distributing malware coin miners delivered via drive-by download attacks from malvertising.
On 19 September, the TA530 group sent personalised emails utilising company names, personal names, titles and more to deliver malicious Word documents.
The Shadowgate malware campaign has been halted by security firm Talos and hosting company GoDaddy