Symantec has warned that a critical flaw in the ActiveX control of image uploaders that have been widely distributed to users of popular social networking sites Facebook and MySpace can be exploited by hackers to install malicious code on users' computers.

The notorious Storm worm botnet, which has mounted phishing attacks on major banks and spawned several waves of holiday-themed messages in recent weeks, is generating spam that directs recipients to bogus medical sites, Websense has warned.

Horizon Blue Cross/Blue Shield of New Jersey has notified more than 300,000 of its members that their personal information -- including Social Security numbers -- was contained in a laptop stolen in Newark earlier this month.

At least two brands of digital picture frames, a popular gift during the recent holiday season, have been contaminated by malware and one of the models - Insignia's 10.4-inch frame - has been recalled by the manufacturer and pulled from the shelves of Best Buy.

Security researchers have warned that malware-laced fake Super Bowl websites have begun appearing, the first wave of what is expected to be a major campaign of game-related cyberattacks.

A rogue trader at Societe Generale used his knowledge of the French bank's computer security system to conceal fraudulent transactions that resulted in losses of more than $7 billion, the bank has confirmed.

Leading security analysts say a major French bank could have prevented a $7 billion insider fraud with better password controls, and software that tracks transactions from workstations.

The Super Bowl presents a ripe target for cybercriminals intent on maximizing the impact of their scams, and the biggest question at this time - aside from which team will win the big game - is what form these attacks will take.

Fortinet researchers have discovered a new socially engineered Symbian OS worm they say is actively spreading on mobile networks as users unwittingly send the malware to their unit's entire address book.

The Universal Plug and Play (UPnP) interface is highly vulnerable to use by hackers seeking to modify home router settings -- such as choice of DNS server -- from an external location, researchers warned.