Автор: Jai Vijayan, Contributing Writer

The company has assessed four of the five disclosed vulnerabilities as being of high to critical severity.

So far, the threat actor has compromised at least five organizations using CVE-2024-39717; CISA has added bug to its Known Exploited Vulnerability database.

The malware is a customized variant of the powerful open source XenoRAT information stealing malware often deployed by Kimsuky and other DPRK APTs.

The malware builds on a near-field communication tool in combination with phishing and social engineering to steal cash.

An individual in Turkey is behind a new information stealer that researchers have recently observed in multiple attacks.

Vulnerability gave attackers with access to a pod a way to obtain credentials and other secrets.

Outlook, Teams, PowerPoint, OneNote, Excel, and Word undermine macOS’s strict user permission-based privacy and security protections.

Cyber incidents like this highlight the need for tougher action on companies that fail to adequately protect consumer data.

The attack affects organizations that have synced multiple on-premises Active Directory domains to a single Azure tenant.

The likely China-linked campaign is deploying CloudSorcerer and other proprietary binaries belonging to known state-sponsored groups, showing how advanced persistent threat groups often collaborate with each other.