Now on to five security things to know this week:
1) A critical vulnerability in the Apache Struts 2 web application framework, which was patched roughly a year ago after active exploits appeared, remains under attack.
2) The suspected mastermind of the Carbanak malware group, which allegedly stole some $1.2 billion from banks, was arrested by Europol.
3) How did crypto-mining service Coinhive ascend so rapidly to major threat status?
4) The ransomware believed responsible for a cyberattack on a major U.S. city has netted hundreds of thousands of dollars for its pureyors.
5) Software development platform GitHub discovered approximately four million vulnerabilities in its public code libraries.