BleepingComputer reports that hacked WordPress sites have been used as relay command-and-control servers by the novel Wpeeper Android malware, which has been spread via a pair of app stores impersonating the Uptodown App Store and is believed to have already compromised thousands of Android devices.
Suspected Chinese state-backed threat operation Muddling Meerkat has ramped up global DNS manipulation since last September, nearly four years after it commenced such activities, BleepingComputer reports.
BleepingComputer reports that fraudulent United States Postal Service websites used in phishing campaigns recorded similar traffic as the legitimate domain on regular days, while surpassing the traffic of the postal service's real domain during the holiday season.
Hacked email accounts have been used by threat actors to facilitate a phishing campaign that involves the use of Autodesk Drive-hosted PDF documents to compromise Microsoft account credentials, SecurityWeek reports.
U.S. political action committee Lincoln Project, which was formed in 2019 to counter former President Donald Trump's re-election bid, has been impacted by a business email compromise attack in February that resulted in the exfiltration of $35,000, reports The Record, a news site by cybersecurity firm Recorded Future.
Eight of nine major Chinese keyboard apps were found to have vulnerabilities that could be leveraged to expose nearly a billion users' keystrokes, The Hacker News reports.
Fast Five
Selected by the SC Media Editorial team every Tuesday.
Sign up now for the top five issues cybersecurity pros need to know this week.