News
-
"Iranian Hackers Work With Ransomware Gangs to Extort Breached Orgs" "Pioneer Kitten" is an Iranian hacking group infiltrating US defense, education, finance, and healthcare organizations and extorting victims with affiliates of several ransomware operations.
-
"LummaC2 Infostealer Resurfaces With Obfuscated PowerShell Tactics" "LummaC2" malware has reemerged, infiltrating and exfiltrating sensitive data. The infostealer malware actively exploits PowerShell commands. According to researchers at Ontinue, the latest variant of LummaC2 uses sophisticated tactics.
-
"BlackByte Ransomware Exploits VMware ESXi Flaw in Latest Attack Wave" According to Cisco Talos, "BlackByte" ransomware attackers have exploited a recently patched VMware ESXi hypervisor flaw while also abusing different vulnerable drivers to disable security.
-
"South Korean Spies Exploit WPS Office Zero-Day" ESET discovered a cyber espionage campaign, traced to the Seoul-aligned APT-C-60 group, that exploited a novel Remote Code Execution (RCE) vulnerability in WPS Office for Windows to launch a custom backdoor.
-
"Malware Delivered via Malicious Pidgin Plugin, Signal Fork" Threat actors have been delivering malware to users of instant messaging apps. They have used a malicious Pidgin plugin and an unofficial fork of the Signal app.
-
"DICK’s Shuts Down Email, Locks Employee Accounts After Cyberattack" DICK'S Sporting Goods, the largest chain of sporting goods retail stores in the United States, recently announced that confidential information was exposed in a cyberattack detected last Wednesday.
-
"Code Execution Vulnerability Found in WPML Plugin Installed on 1M WordPress Sites" According to security researchers at Defiant, a critical vulnerability in the WPML multilingual plugin for WordPress could expose over one million websites to remote code execution (RCE).
-
"950,000 Impacted by Young Consulting Data Breach" Software solutions provider Young Consulting recently notified over 950,000 individuals that their personal information was compromised in a data breach earlier this year.
-
"US Offering $2.5 Million Reward for Belarusian Malware Distributor" The US Department of State recently announced a $2.5 million reward for information leading to the arrest of a Belarusian national allegedly involved in the mass distribution of malware.
-
"How We're Using 'Chaos Engineering' to Make Cloud Computing Less Vulnerable to Cyberattacks" In a study titled "Towards Antifragility of Cloud Systems: An Adaptive Chaos Driven Framework," researchers used different strategies to show how stress can bolster the security of cloud computing systems.
-
"China's Volt Typhoon Hackers Caught Exploiting Zero-Day in Servers Used by ISPs, MSPs" Lumen Technologies found the Chinese Advanced Persistent Threat (APT) group "Volt Typhoon" exploiting a new zero-day in Versa Director servers to steal credentials and break into downstream customers' networks.