The emerging group has already gotten its teeth into 16 victims since May with its double extortion tactics, claiming victims in 11 countries, including the US, Thailand, and Taiwan.
Author: Elizabeth Montalbano, Contributing Writer
Oh! Canada Added to List of Nations Targeted in Salt Typhoon Telecom Spree
The Canadian Center for Cybersecurity has confirmed that the Chinese state-sponsored cyber-threat actor targeted one of its telecommunications companies in February via a Cisco flaw, as part of a global attack wave.
Attackers Use Docker APIs, Tor Anonymity in Stealthy Crypto Heist
The attack is similar to previous campaigns by an actor called Commando Cat to use misconfigured APIs to compromise containers and deploy cryptocurrency miners.
GodFather Banking Trojan Debuts Virtualization Tactic
The Android malware is targeting Turkish financial institutions, completely taking over legitimate banking and crypto apps by creating an isolated virtualized environment on a device.
Hackers Exploit Critical Langflow Flaw to Unleash Flodrix Botnet
A vulnerability in the popular Python-based tool for building AI agents and workflows is under active exploitation, allowing for full system compromise, DDoS attacks, and potential loss or theft of sensitive data.
‘Water Curse’ Targets Infosec Pros Via Poisoned GitHub Repositories
The emerging threat group attacks the supply chain via weaponized repositories posing as legitimate pen-testing suites and other tools that are poisoned with malware.
Google Bug Allowed Brute-Forcing of Any User Phone Number
The weakness in Google’s password-recovery page, discovered by a researcher called Brutecat, exposed private user contact information to attackers, opening the door to phishing, SIM-swapping, and other attacks.
Poisoned npm Packages Disguised as Utilities Aim for System Wipeout
Backdoors lurking in legitimate-looking code contain file-deletion commands that can destroy production systems and cause massive disruptions to software supply chains.
China-Backed Hackers Target SentinelOne in ‘PurpleHaze’ Attack Spree
Known threat groups APT15 and UNC5174 unleashed attacks against SentinelOne and more than 70 other high-value targets, as part of ongoing cyber-espionage and other malicious activity involving ShadowPad malware.
Attackers Impersonate Ruby Packages to Steal Sensitive Telegram Data
Malicious RubyGems pose as a legitimate plug-in for the popular Fastlane rapid development platform in a geopolitically motivated attack with global supply chain reach.