OSINT / CyberSec report 19.04.2026 00:07

1. Three Microsoft Defender zero-day vulnerabilities, codenamed BlueHammer, RedSun, and UnDefend, are being actively exploited in the wild to gain elevated privileges (The Hacker News).

2. The Payouts King ransomware group is utilizing QEMU virtual machines as a reverse SSH backdoor to evade detection by endpoint security solutions (BleepingComputer).

3. The Grinex cryptocurrency exchange has suspended operations following a $13.7 million hack that the company claims was orchestrated by Western intelligence agencies (The Hacker News).

4. A Mirai botnet variant named Nexcorium is actively exploiting CVE-2024-3721 to hijack TBK DVR devices and end-of-life TP-Link routers for DDoS attacks (The Hacker News).

5. The ShinyHunters threat group continues its data extortion campaign against Salesforce customers with seven new victims listed recently (Reddit).

6. A critical security flaw in the Anthropic MCP protocol has been identified, affecting approximately 200,000 servers (Reddit).

7. Recently leaked Windows zero-day vulnerabilities are being actively exploited by threat actors in current attacks (Reddit).

8. Researchers identified malicious code named TamperedChef embedded within GTA V and FiveM mods (Reddit).

9. A researcher known as Chaotic Eclipse disclosed three Microsoft Defender zero-days, including one that blocks signature updates from standard user accounts (Reddit).

10. A fake cryptocurrency wallet application distributed through the Apple App Store resulted in a musician losing their life savings (Bitdefender).

11. Anthropic has restricted access to its new Claude Mythos AI model to select organizations under Project Glasswing due to its high capability in identifying and exploiting software vulnerabilities (Schneier).

12. Threat actors are increasingly using malicious Microsoft 365 mailbox rules to maintain persistence even after users change their email passwords (Fortra).
