Over 1,000 "Godfather" mobile banking Trojan samples are circulating in dozens of countries, targeting hundreds of banking apps. Godfather, which can record screens and keystrokes, intercept Two-Factor Authentication (2FA) calls and texts, initiate bank transfers, and more, was discovered in 2022. It has become one of the most popular Malware-as-a-Service (MaaS) offerings in cybercrime. According to Zimperium's 2023 "Mobile Banking Heists Report," Godfather targeted 237 banking apps in 57 countries as of late 2023.

​The Los Angeles County Department of Health Services recently disclosed a data breach after thousands of patients' personal and health information was exposed in a data breach resulting from a recent phishing attack impacting over two dozen employees. This integrated health system operates the public hospitals and clinics in L.A. County (the most populous county in the United States) and is the second largest public health care system in the country after NYC Health + Hospitals.

Healthcare service provider Kaiser Permanente recently disclosed a data security incident that may impact 13.4 million people in the United States.  Kaiser Permanente is an integrated managed care consortium and one of the largest nonprofit health plans in the U.S. It operates 40 hospitals and 618 medical facilities in California, Colorado, the District of Columbia, Georgia, Hawaii, Maryland, Oregon, Virginia, and Washington.

According to the Shadowserver Foundation, over 1,400 CrushFTP Managed File Transfer (MFT) software instances are vulnerable to a zero-day. The Server-Side Template Injection (SSTI) bug, tracked as CVE-2024-4040 with a CVSS score of 9.8, enables remote attackers to escape the Virtual File System (VFS) sandbox, gain administrative privileges, and execute arbitrary code. This article continues to discuss the vulnerability of more than 1,400 CrushFTP servers to an actively exploited zero-day for which Proof-of-Concept (PoC) code has been published.

Several Brocade SANnav Storage Area Network (SAN) management application flaws could compromise vulnerable appliances. Pierre Barre, an independent security researcher, found and reported 18 flaws in all versions up to 2.3.0. Due to incorrect firewall rules, insecure root access, Docker misconfigurations, and lack of authentication and encryption, an attacker can intercept credentials, overwrite arbitrary files, and breach the device. This article continues to discuss the potential exploitation and impact of the Brocade SANnav SAN security vulnerabilities.

A new campaign called "Dev Popper" is using fake job interviews to trick software developers into installing a Python Remote Access Trojan (RAT). To make the interview seem legitimate, developers are asked to download and run code from GitHub.

Bitwarden surveyed 2,400 people in the US, UK, Australia, France, Germany, and Japan about password habits. Twenty-five percent of respondents globally reuse passwords across 11 to over 20 accounts, and 36 percent use personal information in their credentials publicly accessible on social media platforms and online forums. Most respondents use memory (53 percent) and handwriting (34 percent) for work account passwords.

According to the Cybersecurity and Infrastructure Security Agency (CISA), the US government and critical infrastructure entities were sent 1754 ransomware vulnerability notifications under the Ransomware Vulnerability Warning Pilot (RVWP) program in 2023, resulting in 852 vulnerable devices being secured or taken offline. The highest number of alerts were sent to government facilities (641), which encompasses a range of federal, state, and local government organizations, including schools and higher education facilities.