SecurityWeek reports that malicious actors could exploit a medium-severity vulnerability in Siemens Desigo PXC4.E16 programmable building automation controllers that could make the device unavailable for days.
Fraudulent Binance non-fungible token mystery box bots are being promoted on YouTube as part of a new campaign aimed at distributing the RedLine malware, BleepingComputer reports.
Threat actors have created a fake version of the Pixelmon non-fungible token website under pixelmon[.]pw, which then spreads that Vidar malware with cryptocurrency wallet-exfiltrating capabilities, according to BleepingComputer.
Iranian advanced persistent threat group OilRig, also known as Cobalt Gypsy, Helix Kitten, and APT34, has attacked a Jordanian diplomat with a malicious Excel document deploying the new Saitama backdoor, reports SecurityWeek.
Bills aimed at bolstering statewide cybersecurity have been signed into law by Gov. Larry Hogan amid increasingly prevalent cyberattacks, the Associated Press reports.
Nearly 7,000 WordPress websites have been compromised in a widespread campaign that involved malicious JavaScript code injection that redirects site visitors to malicious websites, reports The Hacker News.
Malicious actors could avail of a malware toolkit with customizable modules through the Eternity Project malware-as-a-service, according to BleepingComputer.
Fast Five
Selected by the SC Media Editorial team every Tuesday.
Sign up now for the top five issues cybersecurity pros need to know this week.