The open-source ERP framework OFBiz is being targeted by the Mirai botnet due to a critical directory traversal vulnerability that allows for remote command execution. This vulnerability was patched in May for versions before 18.12.13.

Researchers found a malicious PowerShell script targeting browser extensions related to cryptocurrency apps like Coinbase, Binance, Exodus, Atomic, Electrum, Ledger, Jaxx, Guarda, Armory, Trezor, and others.

Researchers found a phishing campaign that abuses the McAfee antivirus to scare people. It starts with a classic email that notifies the targeted user that a McAfee subscription expired.