The Identity Theft Resource Center (ITRC) annual report reveals a record number of data breaches in the US in 2023, with a 78% increase from the previous year, attributed to supply chain attacks and zero-day exploits.
Slovak cybersecurity firm ESET discovers China-backed threat actor Blackwood using NSPX30 implant to carry out sophisticated cyber-espionage activities since 2018.
CherryLoader, a newly identified threat, disguises itself as the CherryTree note-taking application and utilizes modularized features to deploy privilege escalation exploits without recompiling code.
Southern Water experiences a data breach by the Black Basta ransomware group, with stolen data being published on the dark web, while critical operations remain unaffected.
North Korea-backed threat actors conducted a series of cyber attacks on cryptocurrency platforms, resulting in the highest number of breaches recorded during that time period, stealing over $1 billion in digital currency.
Jenkins has fixed a security flaw in the args4j library that allowed remote code execution and enabled attackers to read arbitrary files on the Jenkins controller file system.
