"US Retailers Under Attack by Gift Card-Thieving Cyber Gang"

"Storm-0539," also known as "Atlas Lion," is a Moroccan cybercriminal group that compromises retailers and creates fake gift cards. Microsoft detailed the group's tactics, techniques, and procedures (TTPs), which show their reconnaissance skills, cloud environment use, and cost-cutting. Microsoft analysts noted that Storm-0539's ability to breach and create cloud-based attack infrastructure saves them upfront costs. The group poses as a legitimate non-profit to cloud providers in order to receive sponsored or discounted services.

Submitted by Gregory Rigby on

"Courtroom Recording Software Compromised With Backdoor Installer"

Hackers have compromised a popular brand of recording software used in courtrooms, jails, and prisons, allowing them to gain complete control of a system via a backdoor implanted in an update to the tool. Justice AV Solutions (JAVS) is used to record lectures, court hearings, council meetings, and other events, with over 10,000 installations. This article continues to discuss findings regarding the backdooring of the courtroom recording software.

Submitted by Gregory Rigby on

"Spyware Found on US Hotel Check-in Computers"

A consumer-grade spyware app called "pcTattletale" has been discovered on the check-in systems of at least three US Wyndham hotels. The app secretly took screenshots of the hotel booking systems containing guest and customer information.

Submitted by Gregory Rigby on

"Health Information Published Online After MediSecure Ransomware Attack"

Australian patients' health and personal information has reportedly been published online following the ransomware attack on medical prescriptions provider MediSecure. Security researchers at CyberKnow discovered that a threat actor is offering over 6.5TB for sale for $50,000. The researchers noted that it was interesting that the sale is being offered via a forum rather than a ransomware leak site.

Submitted by Adam Ekwall on

"Cencora Data Breach Exposes US Patient Info From 8 Drug Companies"

Some of the largest drug companies in the world have disclosed data breaches due to a February 2024 cyberattack at Cencora, whom they partner with for pharmaceutical and business services. The Pennsylvania-based firm, with a presence in 50 countries, employs 46,000 people. Cencora, in February 2024, disclosed a data breach in a Form 8-K filing with the SEC, stating that unauthorized parties gained access to its information systems and exfiltrated personal data.

Submitted by Adam Ekwall on

"High-Severity GitLab Flaw Lets Attackers Take over Accounts"

GitLab fixed a high-severity vulnerability that enables unauthenticated attackers to hijack user accounts in Cross-Site Scripting (XSS) attacks. The vulnerability is an XSS flaw in the VS Code editor (Web IDE) that allows threat actors to steal restricted information through maliciously crafted pages. Although they can exploit this vulnerability without authentication, user interaction is still required, increasing attack complexity.

Submitted by Gregory Rigby on

"Critical Flaw in AI Platform Exposes Proprietary Data"

Through the exploitation of a critical vulnerability in the Replicate Artificial Intelligence (AI) platform, attackers could have executed a malicious AI model within the platform for a cross-tenant attack. This attack could expose customers' private AI models and potentially expose proprietary knowledge or sensitive data. Researchers at Wiz uncovered the flaw through a series of partnerships with AI-as-a-service providers to analyze the security of their platforms.

Submitted by Gregory Rigby on

"NSA Releases Guidance on Zero Trust Maturity Throughout the Application and Workload Pillar"

The new Cybersecurity Information Sheet (CSI), "Advancing Zero Trust Maturity Throughout the Application and Workload Pillar," from the National Security Agency (NSA) helps organizations secure applications from unauthorized users and maintain workload visibility. This CSI suggests ways to improve application and workload capabilities under the "never trust, always verify" Zero Trust (ZT) paradigm. It describes how these capabilities fit into a ZT framework. ZT implementation aims to improve cybersecurity protections, responses, and operations.

Submitted by Gregory Rigby on

"NVD Leaves Exploited Vulnerabilities Unchecked"

A new VulnCheck report found that the US National Vulnerability Database (NVD) lacks most currently exploited software vulnerabilities. In its May 23 report, the software security provider revealed that the NVD team has not analyzed 30 of 59 Known Exploited Vulnerabilities (KEVs) registered since February 12. In total, 50.8 percent of KEVs do not have critical metadata.

Submitted by Gregory Rigby on

"Beware – Your Customer Chatbot is Almost Certainly Insecure: Report"

Customer chatbots built on general-purpose generative Artificial Intelligence (AI) engines are easy to develop but difficult to secure. Ashley Beauchamp was able to trick DPD's chatbot in January 2024. The chatbot swore, criticized DPD's service, and wrote a disparaging haiku about its owner. DPD shut down the chatbot and blamed an error for the manipulation. Others were skeptical because the output resembled 'jailbreaking', or bypassing AI's guardrails through prompt engineering.

Submitted by Gregory Rigby on