Hackers recently stole over $100 million from the cryptocurrency trading platform Poloniex, taking millions of dollars in Bitcoin and Ethereum with them. The platform confirmed its investigation of the theft and plans to compensate those impacted by the hack. The attack on Poloniex comes after a relative lull in cryptocurrency platform attacks. Millions of dollars in coins were stolen from Exactly Protocol and Harbor Protocol in August. Vyper, one of the most popular Web3 programming languages, was exploited earlier this year by hackers who stole at least $61 million in cryptocurrency.

The US Cybersecurity and Infrastructure Security Agency (CISA) has released the latest Secure Tomorrow Series Toolkit, which includes various interactive products designed to teach critical infrastructure stakeholders how to use strategic foresight methods to identify and mitigate emerging risks. After the first iteration of the Secure Tomorrow Series Toolkit was successfully launched in 2022, CISA's National Risk Management Center expanded the Toolkit by adding three new risk topics: Brain-Computer Interfaces (BCIs), synthetic biology, and quantum technologies.

Intel is facing a class-action lawsuit allegedly for the way it handled data-leaking bugs in its CPUs. Five representative plaintiffs allege in a 112-page filing with the San Jose Division of the United States District Court's Northern District of California that the chip giant knew about faulty instructions that enabled issues like the recent "Downfall" bug half a decade before it released any fix. Downfall is a vulnerability, tracked as CVE-2022-40982 with a CVSS score of 6.5, in Intel's sixth to eleventh-generation CPUs.

Hunters International, a new ransomware group, has acquired the source code and infrastructure from the Hive operation. According to Martin Zugec, technical solutions director at Bitdefender, the Hive group's leadership appears to have made the strategic decision to discontinue operations and transfer their remaining assets to this new group. Hive, a once-prolific Ransomware-as-a-Service (RaaS) operation, was shut down in January 2023 as part of a coordinated law enforcement operation.

One of Australia’s biggest port operators is slowly recovering from a “nationally significant” cyber incident that struck late last week, potentially impacting imports and exports for weeks.  DP World Australia was forced to close operations at its Sydney, Melbourne, Brisbane, and Fremantle facilities after the incident struck on Friday.  According to the country’s national cyber security coordinator, Darren Goldie, the port operator has currently begun to restart some operations but cautioned about the longer-term impact.

The BulletProftLink Phishing-as-a-Service (PhaaS) platform, which provided over 300 phishing templates, has been seized, according to the Royal Malaysian Police. The operation started in 2015 but it has been more active since 2018, with thousands of subscribers, some of whom pay for access to batches of credential logs. Through "ready-to-use" kits and templates, page hosting, customization options, credential harvesting, and reverse proxying tools, PhaaS platforms provide cybercriminals with the tools and resources they need to conduct phishing attacks.

The notorious LockBit ransomware group has recently leaked gigabytes of files allegedly stolen from the systems of aerospace giant Boeing.  LockBit recently named Boeing on its leak website, claiming that “a tremendous amount of sensitive data” has been stolen.  However, it later removed the company from its site, saying that negotiations had started.  It has since been readded to the LockBit website, indicating that Boeing might have refused to pay the ransom.  Over 40 gigabytes worth of archive and backup files are available for download.