Attackers could have exploited a dependency confusion vulnerability affecting various Google Cloud services to execute a sprawling supply chain attack via just one malicious Python code package.
Author: Elizabeth Montalbano, Contributing Writer
Socially Savvy Scattered Spider Traps Cloud Admins in Web
The dangerous ransomware group is targeting financial and insurance sectors using smishing and vishing against IT service desk administrators, cybersecurity teams, and other employees with top-level privileges.
‘Ancient’ MSFT Word Bug Anchors Taiwanese Drone-Maker Attacks
An attack dubbed "WordDrone" that uses an old flaw to install a backdoor could be related to previously reported cyber incidents against Taiwan’s military and satellite industrial supply chain.
Mustang Panda Feeds Worm-Driven USB Attack Strategy
A fresh wave of attacks on APAC government entities involves both self-propagating malware spreading via removable drives and a spear-phishing campaign.
China’s ‘Earth Lusca’ Propagates Multiplatform Backdoor
The malware, KTLVdoor, has already been found on more than 50 command-and-control servers and enables full control of any environment it compromises.
FBI: North Korean Actors Readying Aggressive Cyberattack Wave
Sophisticated social engineering is expected to accompany threat campaigns that are highly targeted and aimed at stealing crypto and deploying malware.
Evolving NPM Package Campaign Targets Roblox Devs, For Years
Attackers have added aggressive social engineering to their arsenal, along with a novel Windows-manipulating persistence mechanism that demands developer vigilance.
Top Travel Sites Have Some First-Class Security Issues to Clean Up
Public-facing vulnerabilities, cloud sprawl, and access to back-end servers are just a few of the challenges travel and hospitality companies must address.
Attackers Exploit Critical Atlassian Confluence Flaw for Cryptojacking
Novel attack vectors leverage the CVE-2023-22527 RCE flaw discovered in January, which is still under active attack, to turn targeted cloud environments into cryptomining networks.
Threat Group ‘Bling Libra’ Pivots to Extortion for Cloud Attacks
The ShinyHunters attackers are skipping selling stolen data on hacker forums in favor of using deadline-driven ransom notes for financial gain.