The BianLian ransomware group, likely based in Russia, has transitioned from traditional ransomware attacks to exfiltration-based extortion, targeting critical national infrastructure across various sectors globally.
Cross-Site Scripting (XSS) has been identified as the most dangerous software vulnerability of 2024, according to the annual Common Weakness Enumeration (CWE) list compiled by MITRE and CISA, highlighting the ongoing risks associated with this exploit.
Five individuals, including four US citizens and one British national, have been charged with conspiracy to commit wire fraud and aggravated identity theft for their roles in sophisticated phishing schemes that resulted in over $11 million in cryptocurrency theft.
Lumma Stealer, a sophisticated infostealer malware linked to Russian cybercriminals, is primarily distributed through Telegram channels, posing significant threats to user privacy and data security.
Google’s OSS-Fuzz team has enhanced their AI-driven fuzzing tool, discovering 26 vulnerabilities, including a critical flaw in OpenSSL that has existed for nearly 20 years.
Apple has issued emergency updates to address two critical zero-day vulnerabilities in macOS Sequoia, CVE-2024-44308 and CVE-2024-44309, which may have been actively exploited and affect a range of Apple devices.
