Apple's AirTags help users find their keys or track their luggage, but AirTag features have also allowed them to be used as a tracking tool for domestic abusers and criminals in stalking targets. Apple has implemented measures to notify iPhone and Android users if an AirTag is in their vicinity for an extended period without the presence of its owner's iPhone, which could mean that an AirTag has been planted to track their location secretly.

NASA has released its first Space Security Best Practices Guide (BPG), a document aimed at improving cybersecurity for future space missions. Concerns regarding the threats that hackers pose to satellite networks and other space initiatives have grown. In August, the FBI, the National Counterintelligence and Security Center (NCSC), and the Air Force Office of Special Investigations (AFOSI) warned that foreign intelligence entities were infiltrating and subverting space industry through various means, including hacking campaigns.

ESET has released its H2 2023 threat report, which highlights cybercriminals' use of the ChatGPT name, the rise of the Lumma Stealer malware, the Android SpinOk Software Development Kit (SDK) spyware, and other issues. In the second half of 2023, ESET blocked 650,000 attempts to access malicious domains with "chatgpt" or a similar string in the name. Lumma Stealer, also known as LummaC2 Stealer, is a Malware-as-a-Service (MaaS) threat that targets multiple cryptocurrency wallets, user credentials, and Two-Factor Authentication (2FA) browser extensions.

The US Cybersecurity and Infrastructure Security Agency (CISA) included creating a "security.txt" file as one of the priority Cybersecurity Performance Goals (CPGs). When security researchers and bug hunters find flaws in an organization's ecosystem, they must know who to contact. Researchers may be unable to quickly determine where to report vulnerabilities if there are no clear reporting channels in place, leaving the organization vulnerable to attackers. However, all organizations can overcome this challenge using a simple security.txt file.

Xamalicious is a new Android backdoor that can perform various malicious actions on infected devices. The malware discovered by the McAfee Mobile Research Team was created using an open-source mobile app framework called Xamarin. It exploits the operating system's accessibility permissions to achieve its goals. It can also gather metadata about the compromised device and contact a command-and-control (C2) server to retrieve a second-stage payload, but only after determining whether it meets the criteria.

Distributed Denial-of-Service (DDoS) attacks have far-reaching consequences beyond inconvenience, as they can cause financial losses, result in compromised data, and erode customer trust. It is important for organizations and individuals to gain further insight into the nature and consequences of DDoS activity to protect their online presence and ensure that critical services continue to flow. To help organizations improve their cybersecurity strategies, Help Net Security has highlighted some excerpts from DDoS attack surveys covered in 2023.

Foreign cyber actors, mainly based in Russia, Iran, and China, are increasing their efforts to influence US audiences ahead of the 2024 national elections. Doppelganger, a Russia-based influence operation, is one example that has established several fake news sites and social media accounts to share stories aimed at inciting political and social divisions in the US in the run-up to the elections. A December 2023 report from Recorded Future identified the Doppelganger group, operating through three sites, each posing as a legitimate news outlet.