According to security researcher Skyler Ferrante, a vulnerability dubbed "WallEscape" in the wall command of the util-linux package included with the Linux operating system could enable an unprivileged attacker to steal passwords or change the victim's clipboard. The security flaw has been present in all versions of the package for the past 11 years up to the recent 2.40 release. While the vulnerability demonstrates how an attacker can trick a user into giving up their administrator password, its exploitation is limited.

The Artificial Intelligence (AI) era, which includes Large Language Models (LLMs) and chatbots, raises new privacy concerns. There are concerns about whether personal information is included in a model's training data.

A team of researchers from Stony Brook University won the National Security Agency's (NSA) 11th Annual Best Scientific Cybersecurity Paper award for their paper titled "Uninvited Guests: Analyzing the Identity and Behavior of Certificate Transparency Bots." The winning paper focused on autonomous systems that probe newly created websites. The Stony Brook researchers discovered tens of thousands of malicious bots involved in suspicious activities such as data exfiltration, reconnaissance, and vulnerability exploitation.

According to the Financial Services Information Sharing and Analysis Center (FS-ISAC), generative Artificial Intelligence (AI) provides significant business and cybersecurity benefits to financial companies, but cyber threats related to the technology remain a concern. Threat actors can use generative AI to create malware. Skilled cybercriminals can exfiltrate information from or poison Large Language Models (LLMs) that train generative AI. Using corrupted outputs can have serious legal, reputational, and operational effects on financial institutions.

Security flaws discovered in Dormakaba's Saflok electronic RFID locks used in hotels could be exploited by malicious actors to forge keycards and sneak into locked rooms. When combined, the vulnerabilities, collectively named "Unsaflok," enable an attacker to unlock all rooms in a hotel with a single pair of forged keycards. Full technical details about the vulnerabilities have not yet been shared due to their potential impact. The flaws affect over three million hotel locks across 13,000 properties in 131 countries.

The video game company Activision is investigating a hacking campaign aimed at stealing players' credentials. Aside from stealing passwords for various types of accounts, it is unclear what the hackers' specific goals are. The malware campaign appears to have been discovered first by Zebleer, a developer and seller of cheating software. Zebleer described the effort as an "infostealer malware campaign," in which malware disguised as legitimate-looking software is unknowingly installed by the victim and steals their usernames and passwords.

The US Department of the Treasury has issued a warning about the cybersecurity risks posed by Artificial Intelligence (AI) to the financial sector. The report, based on Presidential Executive Order 14110 on the "Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence," also makes a number of recommendations for financial institutions on how to mitigate these risks.

A phishing campaign called "Operation FlightNight" involves phishing lures disguised as invitation letters from the Indian Air Force. The malicious campaign has targeted Indian government entities, including agencies for electronic communications, Information Technology (IT) governance, and national defense. The phishing emails carry an ISO file containing malware as well as a shortcut file (LNK) appearing to be the PDF invitation letter. When opened, it executes the hidden malware while displaying a decoy document that was most likely stolen in a previous intrusion and repurposed.

A campaign involving an updated version of "TheMoon" malware has targeted End-of-Life (EoL) small business routers and Internet of Things (IoT) devices through a cybercriminal proxy service called "Faceless." Lumen Technologies' Black Lotus Labs team discovered that TheMoon malware, which first appeared in 2014, was working quietly while growing to over 40,000 bots from 88 countries by January and February this year. Black Lotus Labs first described the malware in 2019 and noted that it is in a new phase.