Security news this week featured yet more revelations from the ongoing investigation into the OPM cyber attack, with the government now reporting that 5.6 million fingerprint data records had been compromised.
In other news, a strain of malware coined XcodeGhost was uncovered by security researchers at Proofpoint.
Here is a run-down of the best security news of the week from the V3 newsdesk.
Level3 opens London security nerve centre to track cyber threats
Level3 Communications opened its latest security operations centre (SOC) in central London, purpose-built to monitor cyber threats in real time. The new facility is the third such centre opened by Level3, with the other two located in Broomfield, Colorado and Phoenix, Arizona.
Apple reveals list of top 25 apps infected with XcodeGhost malware
Apple released a list of the top 25 most popular iOS applications compromised by XcodeGhost malware including WeChat, an unofficial copy of a popular game titled Angry Bird 2 and messaging app Encounter.
Hackers using ATM malware ‘GreenDispenser' to steal cash
A fresh strain of ATM malware dubbed GreenDispenser was found to be in use by hackers to drain cash from infected machines, according to researchers at security firm Proofpoint.
BT, Vodafone and others create IoT security foundation
A consortium of leading tech firms including BT and Vodafone joined forces to create the Internet of Things Security Foundation (IoTSF), designed to ensure the security of IoT devices and respond to rising cyber threats.
OPM Hack: US admits 5.6 million fingerprint records stolen in hack
A total of 5.6 million fingerprint records were stolen during the data breach of the US Office of Personnel Management (OPM), significantly more than the 1.1 million initially predicted by the agency.
Chinese firm attacks Android phones via malware-laced apps
Researchers at security firm FireEye revealed an emerging strain of Android malware originating from a China-based mobile company that is quickly spreading worldwide.
Adobe releases 23 critical updates to fix Flash Player flaws
Adobe issued 23 security updates to fix critical vulnerabilities in its Flash Player which, if left unchecked, could leave computer systems open to attack from hackers.
US-China cyber peace treaty on the horizon as Chinese hacking slows
The US and Chinese governments were reportedly locked in discussions to develop the world's first cyber peace deal, on the understanding that neither nation will be the first to launch a cyber attack on critical infrastructure.
Symantec fires employees for issuing rogue Google security certificates
Security firm Symantec fired a number of employees after it was revealed that fake Google security certificates had been issued, at least one of which was discovered in the wild.
Darktrace pushes machine learning to take some of the pressure off of IT and security teams
Google also gets its hands on HTC's IP in a non-exclusive deal
Microsoft, Google and Samsung all targeted as Avast admits to the scale of the CCleaner compromise
Not all loose ends tied yet, admits Bain backer SK Hynix