Hackers are stealing Instagram credentials through a tricky phishing scam that asks victims to apply for exclusive verified account status. Go to Source

Researchers have identified security hole in Microsoft Office’s Excel spreadsheet program that allows an attacker to trigger a malware attack on remote systems. Go to Source

A 14-year-old hacker bricked at least 4,000 Internet of Things devices with a new strain of malware called Silex this week. Threatpost talks to the researcher who discovered the malware. Go to Source

Google finalizes its DNS-over-HTTPS service inching toward a world where DNS request are sent via HTTPS and not UDP or TCP. Go to Source

Cisco has patched two critical vulnerabilities in its Data Center Network Manager software, which could allow a remote attacker to take over affected devices. Go to Source

After a March report exposed Iran-linked APT33’s infrastructure and operations, the cyberespionage group has adopted new tactics and techniques. Go to Source

A bug in the Electronic Arts gaming platform’s single sign-on mechanism could have allowed hackers to access game accounts. Go to Source

After being hit by a ransomware attack, the second Florida city this month has opted to pay hackers their requested ransom. Go to Source

Web analytics firm plugs a hole in its platform that allowed attackers to open a reverse shell that could be used to attack the service. Go to Source

Researchers have found samples of malware that targets a recently-disclosed, unpatched MacOS vulnerability. Go to Source