The security key has served as a barrier to Multi-Factor Authentication (MFA) hacks. A physical device outperforms other methods, such as one-time codes, which hackers can intercept, and provides protection against Machine-in-the-Middle (MitM) attacks. However, research shows that attackers could, in theory, physically extract secrets from Read-Only Memory (ROM) inexpensively.

The US Department of Homeland Security (DHS) has established the Artificial Intelligence (AI) Safety and Security Board. The Board will help DHS stay ahead of growing threats posed by hostile nation-state actors. It will also help strengthen national security by helping deter and prevent such threats. The DHS Homeland Threat Assessment for 2024 warns that AI-assisted tools threaten economic security and critical infrastructure as they could enable larger-scale, faster, more efficient, and more evasive cyberattacks.

Canadian pharmacy chain London Drugs has recently closed all its retail stores to contain what it described as a "cybersecurity incident." The company has also hired external experts to investigate the cyberattack that impacted its systems. The company noted that on April 28, 2024, it discovered it was the victim of a cybersecurity incident. London Drugs said that it currently has found no evidence pointing to customer or employee data being impacted.

Researchers from the IMDEA Software Institute, Carlos III University of Madrid, and NEC Laboratories Europe have developed a framework to improve verifiable computation efficiency and practicality. Their paper, "Modular Sumcheck Proofs with Applications to Machine Learning and Image Processing," addresses the scalability and modularity issues faced by general proof systems and solutions for specific AI and image processing applications.

In 2023, Google blocked 2.28 million Android apps from Google Play for policy violations that could compromise user security. Google also blocked 333,000 Google Play accounts that uploaded malware and fraudulent apps, or repeated grave policy violations.

Honeywell released its sixth annual report on USB malware attacks faced by industrial organizations, warning of increased sophistication. The company's Global Analysis, Research, and Defense (GARD) team analyzed data from a security product that detects and blocks malware on USB drives used in customers' industrial environments. Thirty-one percent of all the malware detected by Honeywell's product on USB drives was found to be part of a campaign targeting industrial systems or companies.

Many organizations remain vulnerable to the Cactus ransomware group's exploitation of three flaws in the Qlik Sense data analytics and Business Intelligence (BI) platform nearly five months after security researchers warned about them. In August, the company disclosed two bugs in multiple versions of Qlik Sense Enterprise for Windows. When chained, the vulnerabilities enable remote, unauthenticated attackers to execute arbitrary code on impacted systems. In September, Qlik disclosed a vulnerability that bypassed its fixes for August's two flaws.

A recent analysis by researchers at Akamai Security has shed light on the extent of phishing and smishing attacks targeting the United States Postal Service (USPS), particularly during the holiday season.  The researchers used anonymized global DNS query logs during the study. The researchers found that illegitimate domains mimicking USPS websites attracted nearly equal and sometimes higher traffic than legitimate domains, especially during peak shopping periods like Thanksgiving and Christmas.

A threat actor could exploit a security flaw in the R programming language to create a malicious R Data Serialization (RDS) file that results in the execution of code when loaded and referenced. RDS is a format for serializing and storing the state of data structures or objects in R, an open source programming language applied in statistical computing, data visualization, and Machine Learning (ML). According to the Artificial Intelligence (AI) application security company HiddenLayer, the vulnerability involves using promise objects and lazy evaluation in R.

Okta customers have recently experienced an "unprecedented" rise in credential stuffing attacks supposedly due to anonymizing services and residential proxies. The Identity and Access Management (IAM) vendor's Identity Threat Research team observed an increase in attacks on user accounts between April 19 and 26. These attacks appear to use the same infrastructure as attacks that targeted global Virtual Private Network (VPN) users between March 18 and April 16. All recent attacks use TOR to anonymize requests.