Microsoft has initiated legal action against an unidentified foreign threat group for exploiting its AI technologies to create harmful content and offering “hacking-as-a-service” to other criminals.
A cyber-espionage campaign linked to the Russia-aligned group UAC-0063 has been using weaponized Microsoft Word documents to deploy advanced malware, including HatVibe and CherrySpy, against diplomatic targets in Kazakhstan and Central Asia.
FunkSec, a newly formed ransomware-as-a-service group, has quickly gained notoriety for its aggressive tactics and AI-assisted operations, claiming over 85 victims in December 2024 alone.
Medusind Inc, a Miami-based medical billing company, has reported a significant data breach affecting over 360,934 individuals, compromising their personal, financial, and medical information amid growing cybersecurity challenges in the healthcare sector.
A deceptive proof-of-concept exploit named LDAPNightmare has emerged, targeting critical Microsoft vulnerabilities CVE-2024-49112 and CVE-2024-49113, and is being weaponized by threat actors to distribute information-stealing malware through fraudulent repositories.
A significant ransomware attack attributed to the group “Kapor” has severely impacted the information systems of the Office of Geodesy, Cartography, and Cadastre of the Slovak Republic, leading to service disruptions and raising concerns about data security.
CrowdStrike has identified a sophisticated phishing campaign where cybercriminals impersonate recruiters to deceive job seekers, particularly developers, into downloading malware disguised as a recruitment application.
PowerSchool, a leading provider of cloud-based K-12 software, suffered a significant cybersecurity breach that compromised the personal data of millions of students and teachers across North America, prompting concerns about data security in educational institutions.
A series of sophisticated spear-phishing attacks orchestrated by the Chinese threat actor MirrorFace has targeted government bodies, think tanks, and media outlets in Japan from December 2019 to July 2023, employing advanced malware and tactics to steal sensitive information.
The Biden administration has introduced the Cyber Trust Mark, a voluntary cybersecurity labeling program aimed at helping consumers identify secure internet-connected devices amidst rising cyber threats.
