1) The TrickBot, a Trojan best known for attempting to steal banking login credentials, received an upgrade that makes it capable of stealing passwords and other information across the web.
2) Attackers amassed a botnet consisting of some 100,000 routers, which were compromised remotely via a vulnerability related to Universal Plug and Play (UPnP).
3) Companies that do business with the U.S. Department of Defense will have to meet new security standards.
4) VMware patched a critical vulnerability that could permit a "guest-to-host escape."
5) Slow-to-patch users of the Adobe ColdFusion web application development platform are at risk due to a recently fixed vulnerability that is being exploited in APT-style attacks.