Duke University engineers have demonstrated a system called "MadRadar" that can deceive automotive radar sensors. The technology can hide an approaching car, create a phantom car where none exists, or even mislead the radar into believing a real car has quickly deviated from its course. It can do this without having prior knowledge regarding the specific settings of the victim's radar, thus making it a significant threat to radar security.

Two more individuals have recently been indicted for their role in a credential stuffing attack resulting in unauthorized access to thousands of user accounts at a fantasy sports and betting website.  According to the Department of Justice (DoJ), the individuals, Nathan Austad, 19, of Farmington, Minnesota, and Kamerin Stokes, 21, of Memphis, Tennessee, allegedly participated in compromising the accounts using usernames and passwords obtained from other data breaches and attempted to sell access to the accounts.

A threat actor who uses USB devices for initial infection has been discovered abusing legitimate online platforms such as GitHub, Vimeo, and Ars Technica to host encoded payloads hidden in content that appears to be harmless. The attackers put these payloads in forum user profiles on technology news websites or video descriptions on media hosting platforms. The payloads pose no risk to those visiting these web pages because they are just text strings. However, they still play a major role in downloading and executing malware.

International law enforcement has detained 31 suspected cybercriminals and discovered 1,300 malicious servers used to conduct phishing attacks and distribute malware. Interpol's Operation Synergia ran from September to November 2023. It was launched in response to the growth and escalation of transnational cybercrime, as well as the need for coordinated action against new cyber threats. The operation involved nearly 60 law enforcement agencies and a few private companies.

A comprehensive code security audit focusing on several components of the Tor anonymity network conducted by researchers at Radically Open Security discovered more than a dozen vulnerabilities, including an issue classified as "high risk."  The researchers conducted that audit between April and August 2023, covering the Tor browser, exit relays, exposed services, infrastructure, and testing and profiling tools.  The audit, a crystal box penetration test (where the tester has access to the source code), uncovered a total of 17 security issues.

The Computer Emergency Response Team in Ukraine (CERT-UA) recently warned about a PurpleFox malware campaign that has infected at least 2,000 computers in the country.  The CERT-UA noted that the exact impact of this widespread infection and whether it has affected state organizations or regular people's computers hasn't been determined.  PurpleFox (or "DirtyMoe") is a modular Windows botnet malware first spotted in 2018 that comes with a rootkit module allowing it to hide and persist between device reboots.

The US government took action to neutralize a botnet of hundreds of US-based Small Office and Home Office (SOHO) routers hijacked by Volt Typhoon, a China-linked Advanced Persistent Threat (APT) actor. The Black Lotus Labs team at Lumen Technologies revealed the botnet's existence in mid-December 2023. According to the Department of Justice (DOJ), most of the routers in the KV-botnet were Cisco and NetGear routers that were vulnerable because they were no longer supported through their manufacturer's security patches or software updates.

The FritzFrog cryptocurrency mining botnet is growing as a recently analyzed variant exploits the Log4Shell and PwnKit vulnerabilities for lateral movement and privilege escalation. The FritzFrog botnet, discovered in August 2020, is a Peer-to-Peer (P2P) botnet run by Golang-based malware. It targets SSH servers by brute-forcing login credentials and has successfully compromised thousands of them.