While probes looking for vulnerable Apache Struts 2 deployments continue, malicious traffic has tapered off, researchers at Rapid7 said.
Apache administrators are urged to immediately upgrade the Struts 2 web application framework to address a remote code execution flaw under public attack.
Apple patched an OS X vulnerability in a kernel driver that could give attackers root-level privileges on a Mac computer, researchers at Cisco Talos said.
Cisco Talos reports a new strain of spyware called Rombertik that escalates its anti-detection capabilities by destroying the Master Boot Record if the code is audited.
The Kyle and Stan malvertising network has compromised more than nine times as many domains as originally reported two weeks ago.