The UK Cyber Security and Resilience Bill, aligning with the EU’s NIS2 directive, aims to enhance cybersecurity by expanding regulations to cover critical infrastructure and a wider range of digital services.
A new malware campaign, utilizing a deceptive Python package named “CryptoAITools,” is targeting developers and cryptocurrency enthusiasts by extracting sensitive information and draining assets from their wallets.
The recently patched CrossBarking vulnerability in the Opera web browser allowed malicious extensions to exploit non-public APIs, leading to unauthorized access and harmful actions such as hijacking accounts and modifying browser settings.
On October 29, 2024, Apple issued critical security updates for iOS 18.1, iPadOS 18.1, and macOS 15.1, fixing 77 vulnerabilities including issues that could allow unauthorized access and data leaks.
North Korean threat actor Jumpy Pisces has shifted from cyberespionage to financially motivated attacks by collaborating with the Play ransomware group, leading to significant cyber incidents affecting approximately 300 organizations.
The SYS01stealer campaign, active since early 2023, targets Facebook business accounts through malvertising to steal sensitive data and distribute malware.
