Security researchers at Check Point Security have uncovered a trend involving the exploitation of 1-day vulnerabilities, including two in Ivanti Connect Secure VPN.  The flaws, identified as CVE-2023-46805 and CVE-2023-21887, were quickly exploited by multiple threat actors, leading to various malicious activities.  Tracking these exploits, the researchers said it encountered a cluster of activities attributed to a threat actor dubbed Magnet Goblin.

Roku recently disclosed a data breach in which over 15,000 customer accounts were hacked to make fraudulent purchases of hardware and streaming subscriptions. According to researchers, threat actors are selling the compromised accounts for as little as $0.50 each. Those who purchase the accounts can use stored credit cards to make illegal purchases. Roku first disclosed the data breach, revealing that 15,363 customer accounts had been hacked in a credential stuffing attack where threat actors collect credentials from previous data breaches and use them to log in to other websites.

The BianLian ransomware group has exploited JetBrains TeamCity software vulnerabilities. While investigating a recent attack attributed to the BianLian ransomware group, GuidePoint Security researchers discovered that the threat actors' infiltration of the target involved exploiting vulnerabilities in a TeamCity server. Since its emergence in August 2022, the BianLian ransomware has been used in attacks against organizations in healthcare, manufacturing, and other industries.

According to security researchers at Defiant, a high-severity vulnerability in the Ultimate Member plugin can be exploited to inject malicious scripts into WordPress sites.  Tracked as CVE-2024-2123, the vulnerability is described as a stored cross-site scripting (XSS) issue via several parameters, allowing attackers to inject web scripts into a site’s pages to be executed whenever those pages are loaded. The researchers noted that the flaw exists because of insufficient input sanitization and output escaping.

According to security researchers at Sucuri, hackers are breaching WordPress sites by exploiting a vulnerability in outdated versions of the Popup Builder plugin, infecting over 3,300 websites with malicious code.  The researchers noted that the flaw leveraged in the attacks is tracked as CVE-2023-6000, a cross-site scripting (XSS) vulnerability impacting Popup Builder versions 4.2.3 and older, which was initially disclosed in November 2023.

Taiwan-based QNAP Systems recently announced patches for multiple vulnerabilities impacting its products, including a critical severity bug leading to unauthenticated device access.  Tracked as CVE-2024-21899 (CVSS score of 9.8), the vulnerability is described as an improper authentication issue that "could allow users to compromise the security of the system via a network." According to the company, the issue impacts its QTS, QuTS hero, and QuTScloud products, essentially exposing network-attached storage (NAS) devices to unauthenticated access.

Quantum computers can solve complex problems significantly faster than classical computers and are expected to improve Artificial Intelligence (AI) applications in devices such as self-driving cars. However, quantum computers are vulnerable to adversarial attacks. A team of researchers from the University of Texas at Dallas and an industry collaborator have developed a method to strengthen the protection of quantum computers against these attacks.

Researchers at Georgia Tech are developing a new Artificial Intelligence (AI)-based technique to automatically detect and block cyber threats faced by renewable energy and local generators for energy customers across the power grid. The study will focus on protecting Distributed Energy Resources (DERs), including rooftop solar panels, controllable electric vehicle chargers, and more. There is a cybersecurity concern that an attacker could exploit these systems to cause problems throughout the electrical grid, such as overloading components and voltage fluctuations.

Professors George Grispos, Ph.D., and William Mahoney, Ph.D., at the University of Nebraska Omaha's (UNO) College of Information Science and Technology (IS&T) are researching vulnerabilities faced by onboard systems as well as shipping and receiving ports. Their study highlights potential vulnerabilities such as false data manipulation in ship navigation systems and GPS spoofing attacks on port infrastructure. They are also looking into how cyberattacks impact various systems.

A research team led by the University of California, Irvine (UCI) has demonstrated potentially dangerous vulnerabilities in Light Detection and Ranging (LiDAR) technology, which many autonomous vehicles use to navigate streets, roads, and highways. They showed how to use lasers to trick LiDAR into "seeing" objects that are not present while missing those that are. Lead author Takami Sato, a UCI Ph.D. candidate in computer science, and his colleagues investigated spoofing attacks on nine commercially available LiDAR systems.