DHS and the FBI warned that North Korean attackers are targeting U.S. businesses with malware- and botnet-related attacks that are part of concerted effort dubbed “Hidden Cobra.”

Mozilla fixed 32 vulnerabilities, including a critical bug that could have resulted in a crash, with the release Tuesday of Firefox 54, the latest version of its flagship browser.

A campaign attributed to the FIN7 attackers targets restaurants with phishing emails and infected RTF Word documents that carry out fileless malware attacks.

Adobe fixed 21 vulnerabilities across four products – Flash, Shockwave Player, Captivate, and Adobe Digital Editions – on Tuesday.

Citing an elevated risk for destructive attacks, Microsoft today included patches for vulnerabilities in Windows XP among its Patch Tuesday updates.

Microsoft patched 95 vulnerabilities today, including two under attack.

Kaspersky Lab said it has seen some of the first exploits targeting a patched Samba vulnerability, and those are being used to mine Monero cryptocurrency.

Researchers say sensitive data can be extracted from air-gapped networks via a wireless router’s blinking LEDs.

How EternalBlue was ported to Windows 10, a Facebook phishing study, QakBot, and this week’s Apple security announcements are all discussed.

WiMAX routers manufactured by several companies, including Huawei and ZyXEL, are vulnerable to an authentication bypass and potential backdoors.