Security researchers at Patchstack have recently found a new vulnerability in the Backup and Staging by WP Time Capsule plugin, affecting versions 1.22.20 and below.  The researchers noted that the WordPress plugin, with over 20,000 active installations, facilitates website backups and update management through cloud-native file versioning systems. The flaw allowed unauthorized users to exploit a broken authentication mechanism, potentially gaining administrative access to affected sites.

According to security researchers at Have I Been Pwned, over 310 gigabytes of data from spyware maker mSpy, including 2.4 million unique emails, was leaked online in June.  The researchers noted that the data, reportedly leaked online by hacktivists, includes 142 GB of user data, such as email addresses, IP addresses, and names, obtained from support tickets filed by individuals seeking help to install the application.  An additional 176 GB of attachments, including screen captures of financial transactions, photos of credit cards, and selfies, were also leaked.

US telecom giant AT&T, which disclosed Friday that hackers had stolen the call records for tens of millions of its customers, allegedly paid a member of the hacking team more than $300,000 to delete the data.  The hacker, who is part of the notorious ShinyHunters hacking group, tells WIRED that AT&T paid the ransom in May.  The hacker provided the address for the cryptocurrency wallet that sent the currency to him, as well as the address that received it.

Rite Aid has recently fallen victim to ransomware actors after revealing a “limited” cybersecurity incident that occurred last month.  RansomHub has claimed to be behind the incident.  The group claims to have obtained 10GB of data from the pharmacy, equating to “45 million lines” of personal information on customers.  This information includes names, addresses, ID numbers, dates of birth, and Rite Aid reward numbers.  Rite Aid is the third-largest pharmacy chain in the US, with over 2000 locations countrywide and more than $24bn in revenue.

The "Akira" and "EstateRansomware" cybercrime groups have been exploiting a year-old Veeam Backup and Replication vulnerability to steal data. The exploited security flaw, tracked as CVE-2023-27532 with a CVSS score of 7.5, was patched in March 2023. Proof-of-Concept (PoC) code for the vulnerability was published shortly after, and the first exploitation of unpatched Veeam Backup and Replication instances was observed in April 2023. According to Veeam, the bug could be used to extract encrypted credentials stored in the configuration database.

NATO members have agreed to construct a new cyber defense facility to strengthen the military alliance and better combat digital threats. The new NATO Integrated Cyber Defense Centre (NICC) will include civilian and military experts from across member states and use advanced technology to improve situational awareness, cyber resilience, and defense. This article continues to discuss plans surrounding the new cyber defense facility.

A County in Indiana has recently filed a disaster declaration following a ransomware attack on local government networks, which has prevented the administration of critical services.  Clay County made the declaration after confirming the incident, which resulted in an inability to operate Clay County Courthouse and Clay County Probation/Community Corrections facilities.  No group has so far been identified as being behind the attack, which was first detected on July 9.

AT&T recently announced that almost all its wireless subscribers were exposed in a massive hack that occurred between April 14 and April 25, 2024, where a hacker exfiltrated files containing “records of customer call and text interactions” between approximately May 1 and October 31, 2022, as well as on January 2, 2023.

A new end-to-end phishing toolkit called "FishXProxy" makes it easier for cybercriminals to launch and manage malicious email attacks that bypass security. SlashNext Security researchers discovered that FishXProxy, marketed as "The Ultimate Powerful Phishing Toolkit" on underground cybercriminal forums, has advanced features and integration with the Cloudflare Content Delivery Network (CDN).