A dangerous spyware campaign known as “Evil Telegram” disguises itself as legitimate Telegram “mods” and has infected over 60,000 mobile users, posing a significant threat to sensitive data and personal information.
Apple has issued emergency security updates for its operating systems, including iOS, iPadOS, macOS, and watchOS, to address two critical zero-day vulnerabilities that have been actively exploited in the wild.
The notorious Lazarus advanced persistent threat group, known for cyber espionage and cybercrime activities, has been observed exploiting vulnerabilities in Microsoft IIS servers, including the infamous WannaCry incident and recent virtual currency theft.
China, Iran, and North Korea have been exploiting critical vulnerabilities in Zoho ManageEngine ServiceDesk Plus and Fortinet FortiOS SSL-VPN to gain unauthorized access to organizations’ systems, potentially leading to data breaches and loss of proprietary information.
The US and UK governments have jointly announced sanctions against 11 Russian nationals accused of being connected to the Trickbot and Conti malware groups, freezing assets and imposing travel bans to combat cybercrime.
China-based threat actor Storm-0558 breaches Microsoft’s consumer signing system, obtaining a sensitive cryptographic key and using it to conduct surveillance on the US State and Commerce Departments and other government agencies.
