Security researchers say the emergence of the macOS trojan-proxy shows that all operating systems are under attack as hackers don't discriminate.

Here are three strategies that can help security teams prevent and mitigate the impact of a QR-code attack.

BleepingComputer reports that more than 12 million Android devices have collectively downloaded 18 malicious loan apps dubbed "SpyLoan," which could exfiltrate not only call logs, local Wi-Fi network information, and image metadata but also text messages, location information, and contact lists.

Surprise Cam Nudes, Staples, Turtle, Apple, 23andme, P2Pinfect, Sellafield, Gmail, Jason Wood, and more on this edition of the Security Weekly News.

The move by the threat actors to attack 32-bit MIPS processors reflects an attempt to propagate the P2Pinfect malware to a broader range of targets.

Organizations in the government, real estate, telecommunications, retail, and other sectors across the U.S., Africa, and the Middle East have been subjected to intrusions under the new CL-STA-0002 threat cluster.

BBC News reports that major online travel agency Booking.com had its customers in the U.S., UK, and other parts of the world impacted by fraud following a social engineering attack that involved the deployment of the Vidar information-stealing malware.

Threat actors have begun leveraging the critical Apache ActiveMQ vulnerability, tracked as CVE-2023-46604, to facilitate the distribution of the Golang-based GoTitan botnet and PrCtrl Rat, a .NET program, as well as the Sliver, Kinsing, and Ddostff malware strains, Hackread reports.