Security researchers from Trend Micro have uncovered an active cyberespionage operation that so far has compromised computers belonging to government ministries, technology companies, media outlets, academic research institutions and nongovernmental organizations from over 100 countries.

Previously unknown Mac OS X spyware, signed with a valid Apple Developer ID, has turned up on the laptop of an activist from Angola at a human rights conference in Norway.

Four British men associated with the LulzSec hacker collective received prison sentences Thursday for their roles in cyberattacks launched by the group against corporate and government websites in 2011.

Security researchers from Damballa have found a new variant of the Pushdo malware that's better at hiding its malicious network traffic and is more resilient to coordinated takedown efforts.

Security researchers from Russian cybercrime investigations firm Group-IB have uncovered a cyberfraud operation that uses specialized financial malware to target the customers of several major Australian banks.

Adobe has released scheduled security updates for its Reader, Acrobat, Flash Player and ColdFusion products on Tuesday in order to fix many critical vulnerabilities, including one that is already actively exploited by attackers.

The Android threat landscape is growing in both size and complexity with cybercriminals adopting new distribution methods and building Android-focused malware services, according to a report from Finnish security vendor F-Secure.

Mobile security vendor Lookout plans to start flagging as adware mobile apps that use aggressive ad networks if they don't obtain explicit consent from users before engaging in behavior that potentially invades privacy.

Colleges and universities are being encouraged to scrutinize their systems to keep them from being hijacked in DDoS (distributed denial-of-service) attacks.

Adobe has warned users of its ColdFusion application server platform of a critical vulnerability that could give unauthorized users access to sensitive files stored on their servers.

Domain registrar Name.com forced its customers to reset their account passwords on Wednesday following a security breach on the company's servers that might have resulted in customer information being compromised.

The development team behind the popular Nginx open-source Web server software released security updates on Tuesday to address a highly critical vulnerability that could be exploited by remote attackers to execute arbitrary code on susceptible servers.

AutoIt, a scripting language for automating Windows interface interactions, is increasingly being used by malware developers thanks to its flexibility and low learning curve, according to security researchers from Trend Micro and Bitdefender.

A 35-year-old Dutchman was arrested Thursday in Spain, as part of an investigation into a large-scale DDoS (distributed denial-of-service) attack that targeted a spam-fighting organization called the Spamhaus Project in March

Cybercriminals increasingly hack into shared Web hosting servers in order to use the domains hosted on them in large phishing campaigns, according to a report from the Anti-Phishing Working Group (APWG).