The UK AI Safety Institute has rebranded as the UK AI Security Institute to focus on mitigating national security risks associated with AI technologies, including criminal misuse and cybersecurity threats.
Multiple Russian nation-state actors, including the group Storm-2372, are conducting a sophisticated spear-phishing campaign that exploits device code authentication to gain unauthorized access to Microsoft 365 accounts, posing a significant threat to global critical infrastructure.
The Lazarus Group’s Operation Marstech Mayhem employs sophisticated malware to compromise software and Web3 developers, posing significant risks to global software ecosystems and potentially funding North Korean government activities.
Astaroth is a sophisticated phishing kit that effectively circumvents two-factor authentication by using advanced techniques to capture sensitive information from various authentication services.
The Russian state-sponsored cyber group Seashell Blizzard, also known as APT44, has intensified its cyber-espionage and attacks on critical infrastructure globally, leveraging vulnerabilities in various systems to maintain persistent access and execute large-scale compromises.
The British government has issued a secret order to Apple, requiring the company to create a backdoor for government surveillance, raising significant concerns about privacy and security.
Memorial Hospital and Manor in Bainbridge, Georgia, suffered a ransomware attack by the Embargo group, exposing the personal and medical information of approximately 120,000 individuals.
Evan Frederick Light, a 22-year-old from Lebanon, Indiana, has been sentenced to 20 years in federal prison for his role in a cybercrime operation that stole over $37 million in cryptocurrency from more than 100 victims worldwide.
The United Kingdom has enacted the Online Safety Act, making it illegal to possess, create, or distribute AI tools designed to generate child sexual abuse material, setting a precedent for global child protection policies.
A sophisticated cyber campaign attributed to Chinese-speaking threat actors is exploiting unpatched vulnerabilities in Microsoft Internet Information Services (IIS) servers across Asia using advanced malware known as BadIIS, redirecting victims to illegal gambling sites and manipulating search engine optimization.
