Today’s WikiLeaks Vault 7 Dark Matter release shows the CIA’s capabilities to attack and persist on Apple iPhone and Mac firmware and an apparent interdiction of the iPhone supply chain.

A researcher has published a method by which a local admin can hijack any other Windows sessions without the need for credentials.

Spammers are turning to an old technique known as hailstorm to slip past anti-spam and anti-malware filters to deliver Dridex banking malware and Locky ransomware.

An cybercrime group from Russia earns $3 million to $5 million daily through defrauding major U.S. websites of video ad revenue.

Experts at InfoArmor said the stolen database of 1 billion Yahoo accounts has been sold multiple times for at least $300,000 each time.

Researchers at Flashpoint said their analysis of the latest ShadowBrokers dump of NSA tools leads them to believe an insider with access to a code repository stole the data.

A hacker offered to sell an unpatched system vulnerability in the U.S. Election Assistance Commission website on the Dark Web for “thousands” of dollars.

A remote code execution bug in Ubuntu Desktop was patched; the vulnerability affected all default installations of Quantal version 12.10 and later.

An exploit kit called DNSChanger is attacking routers, not browsers, through a malvertising campaign.

KFC Corporation warned 1.2 million of its UK-based Colonel’s Club members to reset their passwords after 30 members were targeted in an attack.