Don't-Miss Stories

Microsoft, Symantec battle fake credentials in malware

An alarming growth in malware signed with fraudulently obtained keys and code-signing certificates in order to trick users to download harmful code is prompting Microsoft and Symantec to push for tighter controls in the way the world's certificate authorities issue these keys used in code-signing.

Security firm warns of pervasive Mevade botnet

Hundreds of global organizations have been infected by a Russian botnet as part of a cybercrime campaign that could be connected to the mysterious traffic spike that hit the Tor anonymity system in August, security firm Websense says.

PHP.net maintainers to reset user passwords, change SSL certificate

Attackers compromised two php.net servers, injecting malicious code into the website, so The PHP Group is resetting passwords for the official website of the PHP programming language. It's also changing php.net's SSL certificate.

PHP.net compromised and used to attack visitors

Attackers injected malicious JavaScript code into the official website for the PHP programming language, redirecting some visitors' browsers to Flash exploits.

It's a trap! Malware disguises itself as Grand Theft Auto 5 for PC gamers

And to add insult to injury, you have to download 18GB of... something before the malware phishes for your personal info.