Magecart strikes again, hitting customer-engagement shop Feedify's shared Javascript library.
Malwarebytes notes the appearance of an "evil cursor" attack that affects recent versions of the Chrome browser. It prevents users from closing a window or a tab by clicking the usual "x" at the top, instead displaying a scare pop-up to drive nervous users to the criminals' bogus service offerings. A number of organized criminal groups are using the evil cursor attack, with the "Partnerstroka" gang first among equals.
Check Point has been following the Ramnit banking Trojan, and they see a seasonal pattern: it peaks during the summer. Why isn't clear: some speculate school-age skids are on summer break with time on their hands.
The Safari browser flaw reported this week does make url spoofing easier, but it's more likely to be a nuisance than a major threat. An easy protection, Sophos says, is to stay clear of easily impersonated http sites.
North Korea denounces the US indictment of one of its Lazarus Group hackers as a "smear campaign," which of course North Korea would. The indictment is part of a long-running American policy of charging officers of foreign government with hacking offenses.
There's much mutually amplifying woofing in social media to the effect that gas explosions in the US Commonwealth of Massachusetts were the result of cyberattacks. This is grossly premature speculation. The incident is under investigation, and such inquiries take time. There are plenty of accidents, and most of them are just that, so wait and see.