Malware hunters at Volexity are raising the alarm for a Chinese threat actor seen exploiting a zero-day flaw in the Zimbra email platform to infect media and government targets in Europe.

read more

British snacks producer Kenyon Produce (KP) Snacks has fallen victim to a ransomware attack that caused some disruptions to its manufacturing and distribution operations.

The German-owned company says it became aware of the attack on January 28, and that it immediately took the necessary steps to contain the incident.

read more

Ransomware attacks in many cases hit industrial control systems (ICS) or operational technology (OT) environments, and impact is often significant, according to a report published on Thursday by IoT and industrial cybersecurity company Claroty.

read more

The cyber threat team at retail giant Walmart has dissected a new ransomware family dubbed Sugar, which is available to cybercriminals as a ransomware-as-a-service (RaaS).

read more

The jostling for space in the attack surface management space intensified this week with Michigan startup Censys banking a new $35 million funding round to fuel growth and expansion.

read more

Apple late Wednesday pushed out an urgent iOS update with fixes for 11 documented security flaws and warned that one of the vulnerabilities “may have been actively exploited.”

In a barebones advisory, Apple acknowledged the zero-day took aim at a memory corruption issue in IOMobileFrameBuffer, an oft-targeted iOS kernel extension.

read more

A recent campaign targeting individuals in Hong Kong has leveraged at least two pieces of malware designed to target macOS systems.

read more

The U.K. government’s cybersecurity agency has announced plans to ship a collection of well-tested, reliable scanning scripts to help defenders find and fix high-priority software security vulnerabilities.

read more

PrinterLogic has released security updates to address a total of nine vulnerabilities in Web Stack and Virtual Appliance, including three security defects that carry "high severity" ratings.

read more

Microsoft has announced improved security for the users of its flagship Office productivity suite, courtesy of Excel 4.0 (XLM) macros now being restricted by default.

read more

Cloud security and compliance automation startup Anitian this week closed a $55 million Series B funding round led by Sageview Capital.

The new investment brings the total raised by Anitian $71 million and provides fresh capital to fuel ambitious expansion plans.

read more

The U.S. government's Cybersecurity and Infrastructure Security Agency (CISA) on Thursday released the final version of its IPv6 security guidance for federal agencies.

read more