"Thousands of Qlik Sense Servers Open to Cactus Ransomware"

Many organizations remain vulnerable to the Cactus ransomware group's exploitation of three flaws in the Qlik Sense data analytics and Business Intelligence (BI) platform nearly five months after security researchers warned about them. In August, the company disclosed two bugs in multiple versions of Qlik Sense Enterprise for Windows. When chained, the vulnerabilities enable remote, unauthenticated attackers to execute arbitrary code on impacted systems. In September, Qlik disclosed a vulnerability that bypassed its fixes for August's two flaws.

Submitted by grigby1 CPVI on

"Study Reveals Alarming Levels of USPS Phishing Traffic"

A recent analysis by researchers at Akamai Security has shed light on the extent of phishing and smishing attacks targeting the United States Postal Service (USPS), particularly during the holiday season. Using anonymized global DNS query logs, the researchers found that illegitimate domains mimicking USPS websites attracted nearly equal and sometimes higher traffic than legitimate domains, especially during peak shopping periods like Thanksgiving and Christmas.

Submitted by Adam Ekwall on

"New R Programming Vulnerability Exposes Projects to Supply Chain Attacks"

A threat actor could exploit a security flaw in the R programming language to create a malicious R Data Serialization (RDS) file that results in the execution of code when loaded and referenced. RDS is a format for serializing and storing the state of data structures or objects in R, an open source programming language applied in statistical computing, data visualization, and Machine Learning (ML). According to the Artificial Intelligence (AI) application security company HiddenLayer, the vulnerability involves using promise objects and lazy evaluation in R.

Submitted by grigby1 CPVI on

"Okta Warns Customers of Credential Stuffing Barrage"

Okta customers have recently experienced an "unprecedented" rise in credential stuffing attacks supposedly due to anonymizing services and residential proxies. The Identity and Access Management (IAM) vendor's Identity Threat Research team observed an increase in attacks on user accounts between April 19 and 26. These attacks appear to use the same infrastructure as attacks that targeted global Virtual Private Network (VPN) users between March 18 and April 16. All recent attacks use TOR to anonymize requests.

Submitted by grigby1 CPVI on

"Britain Bans Simple Passwords for Smart Devices"

UK law will require Internet-connected smart devices to meet minimum security standards. On April 29, the law came into force, banning manufacturers from using weak default passwords like "123456" or "admin" for Internet-connected devices. The law covers smartphones, TVs, game consoles, and more. According to the UK government, the new rules aim to protect consumers from hacking and cyberattacks. This article continues to discuss the new UK security law.

Submitted by grigby1 CPVI on

"Voter Registration System Taken Offline in Coffee County Cyber-Incident"

Coffee County in Georgia has been hit by a cyberattack, reportedly leading to its connection to the state's voter registration system being severed. In a statement, the Office of Coffee County Board of Commissioners said the Department of Homeland Security (DHS) and the Cybersecurity and Infrastructure Security Agency (CISA) informed the County of unusual cyber activity on its IT infrastructure on April 15, 2024.

Submitted by Adam Ekwall on

"Threat Actor Uses Multiple Infostealers in Global Campaign"

Cisco's Talos is warning that a threat actor has been using multiple information stealers to harvest credentials and financial data from users worldwide. The threat actor, called CoralRaider, has been active since at least 2023, is likely of Vietnamese origin, and was previously seen targeting users in various Asian countries. The researchers warned of CoralRaider's use of a customized variant of QuasarRAT dubbed RotBot and the XClient stealer to target financial and login information and steal social media accounts, including business and advertising accounts.

Submitted by Adam Ekwall on

"This AI-Controlled Jet Fighter Has Now Flown Against Human Pilots"

DARPA recently announced that an AI test pilot has successfully flown a jet fighter in dogfights against human opponents. It's the latest development for DARPA's Air Combat Evaluation program, which is trying to develop aerospace AI agents that can be trusted to perform safely. The USAF and DARPA started conducting X-62A test flights under AI control in December 2022, logging 17 hours by the time the program was announced in early 2023.

Submitted by Adam Ekwall on

"Computer Scientists Unveil Novel Attacks on Cybersecurity"

A multi-university and industry research team led by computer scientists at the University of California, San Diego, discovered two novel attacks targeting the conditional branch predictor in high-end Intel processors that could compromise billions of processors being used today. They found an attack that is the first to target a feature in the branch predictor known as the Path History Register (PHR), which tracks branch order and branch addresses. This attack exposes more information with greater precision than previous attacks that lacked branch predictor structure insight.

Submitted by grigby1 CPVI on