The British Ministry of Defence has introduced a streamlined recruitment pathway for cyber professionals to enhance its defense capabilities in response to increasing cyber threats and a global talent shortage.
The UK AI Safety Institute has rebranded as the UK AI Security Institute to focus on mitigating national security risks associated with AI technologies, including criminal misuse and cybersecurity threats.
Multiple Russian nation-state actors, including the group Storm-2372, are conducting a sophisticated spear-phishing campaign that exploits device code authentication to gain unauthorized access to Microsoft 365 accounts, posing a significant threat to global critical infrastructure.
The Lazarus Group’s Operation Marstech Mayhem employs sophisticated malware to compromise software and Web3 developers, posing significant risks to global software ecosystems and potentially funding North Korean government activities.
Astaroth is a sophisticated phishing kit that effectively circumvents two-factor authentication by using advanced techniques to capture sensitive information from various authentication services.
The US Cybersecurity and Infrastructure Security Agency (CISA) and the FBI have issued a Secure by Design Alert highlighting the significant security risks posed by buffer overflow vulnerabilities, which are frequently exploited by cyber actors, including those from China, in major software products from vendors like Microsoft, VMware, and Ivanti.
