Authorities in Australia and the US recently announced the arrest and indictment of two individuals for their roles in developing and selling the Hive remote access trojan (RAT).  Initially developed and distributed under the name of Firebird, the malware was marketed as a remote access tool that could stay hidden and steal sensitive information from the targeted systems.  The Australian man was charged with twelve counts of computer offenses and is scheduled to appear in court on May 7.

The National Security Agency (NSA) has published a Cybersecurity Information Sheet (CSI) titled "Deploying AI Systems Securely: Best Practices for Deploying Secure and Resilient AI Systems." The CSI aims to help National Security System (NSS) owners and Defense Industrial Base (DIB) companies that will deploy and operate AI systems designed and developed by an external entity. The guidance is also applicable to anyone else bringing AI capabilities into a managed environment, particularly those in high-threat, high-value environments.

According to Binarly, there is an unpatched security flaw impacting the Lighttpd web server in Intel and Lenovo Baseboard Management Controllers (BMCs). Although the original flaw was discovered and patched by Lighttpd maintainers in August 2018 with version 1.4.51, the lack of a CVE identifier or advisory has caused it to be overlooked by AMI MegaRAC BMC developers. It has made its way into products made by Intel and Lenovo.

Purdue University researchers have launched a multidisciplinary project to model, simulate, and analyze Cyber-Physical Systems (CPS), aiming to improve system robustness and make system analysis more scalable and effective. The Defense Advanced Research Projects Agency (DARPA) is sponsoring the multiphase $6.5 million project named "FIREFLY," through its FIRE (Faithful Integrated Reverse Engineering and Exploitation) program.

The Daixin Team ransomware gang claimed responsibility for a recent cyberattack against Omni Hotels & Resorts, threatening to publish sensitive customer information if a ransom is not paid. A warning was issued in October 2022 about the Daixin Team cybercrime gang launching ransomware attacks against the US Healthcare and Public Health (HPH) sector. Since then, the group has been linked to a number of incidents involving the theft of Patient Health Information (PHI) and Personally Identifiable Information (PII).

 Cybersecurity researchers at vpnMentor have uncovered a significant data exposure concerning nearly 300,000 taxi passengers in the UK and Ireland.  The researchers found a non-password-protected database containing personal details.  These records, belonging to Dublin-based iCabbi, a dispatch and fleet management technology provider, were left vulnerable to potential exploitation.  The researchers noted that the exposed database contained 22,745 records and .csv documents with customers’ names, emails, phone numbers, and user IDs.

A recent incident in West Africa further highlights the ongoing threat posed by the LockBit ransomware. With stolen administrator credentials, cybercriminals have deployed a customized variant of the ransomware that can self-propagate. They compromised corporate infrastructure using privileged access, demonstrating the continued risk posed by the leaked LockBit 3.0 builder. The builder was leaked in 2022, but attackers, even those without advanced programming skills, continue to use it to create customized versions.

Millions of people and companies could soon benefit from the full power of next-generation quantum computing because of a breakthrough by scientists at Oxford's Department of Physics that ensures security and privacy. A new study details the advancement, which promises to unlock the transformative potential of cloud-based quantum computing. In the new study, the researchers use an approach called "blind quantum computing." The approach connects two completely different quantum computing entities securely. Their new methods are scalable to large quantum computations.

Claroty analyzed the Industrial Control System (ICS) malware "Fuxnet," used recently by Ukrainian hackers in an attack on a Russian underground infrastructure company. The hacker group known as "Blackjack," which is suspected to be affiliated with Ukraine's security services, claimed to have launched attacks on several critical Russian organizations. The hackers targeted Internet Service Providers (ISPs), utilities, data centers, and Russia's military, allegedly causing damage and stealing sensitive information.