In a new report, security researchers at Critical Start claimed that the education sector is a prime target for threat actors, with 29% of attacks originating from vulnerability exploitation and 30% from phishing campaigns on K-12 schools in 2023.  Another key finding by the researchers is the increasing use of Quick Response (QR) codes in phishing attacks.  The researchers noted that in these attacks, cybercriminals disguise themselves as Microsoft security notifications and embed QR codes within PNG images or PDF attachments to deceive victims.

Researchers have discovered a security flaw in a library within the GNU Object Model Environment (GNOME) for Linux systems. If embedded in a malicious link, the vulnerability could allow instantaneous machine takeover by attackers. GNOME is an open-source desktop environment used by popular Linux distributions such as Ubuntu and Fedora. According to GitHub Security Lab, one of the default GNOME applications contains a dependency with an out-of-bounds array access vulnerability rated "High" (8.8 out of 10) in severity.

Satellite hacking could result in massive disruptions to communications, transportation, and weather forecasts, as well as the loss of sensitive data. Last February, Russia-linked hackers launched destructive malware against the American satellite provider Viasat an hour before the invasion of Ukraine. SpaceX's Starlink satellite also encountered interference from signal jamming, thus limiting bandwidth. As demonstrated at last year's Black Hat conference, a researcher created a tool to hack into Starlink for only $25.

Researchers from the Systems, Networking, and Energy Efficiency (Synergy) Lab at Carnegie Mellon University (CMU) are presenting several multi-year studies on their work regarding ubiquitous sensing at the ACM International Joint Conference on Pervasive and Ubiquitous Computing (UbiComp). The Synergy Lab, led by School of Computer Science Associate Professor Yuvraj Agarwal, focuses on developing more energy-efficient computing in buildings, improving the security and privacy of Internet of Things (IoT) devices, and advancing mobile systems.

Spanish airline Air Europa, the country's third-largest airline and a member of the SkyTeam alliance, recently warned customers to cancel their credit cards after attackers accessed their card information in a recent data breach.  The credit card details exposed in the breach include card numbers, expiration dates, and the 3-digit CVV (Card Verification Value) code on the back of the payment cards.

The National Security Agency (NSA) and US federal partners have released cybersecurity guidance to promote understanding Open-Source Software (OSS) implementation and to provide best practices for securing Operational Technology (OT) and Industrial Control Systems (ICS) environments.