According to security researchers at eSentire’s Threat Response Unit (TRU), the notorious ALPHV/BlackCat ransomware has been observed using Google Ads to distribute malware.  In a new advisory published recently, the researchers said it intercepted and thwarted attempts by ALPHV/BlackCat affiliates to breach a law firm, a manufacturer, and a warehouse provider within the past three weeks.  The new tactic the researchers observed involves using Google Ads promoting popular software like Advanced IP Scanner and Slack, leading business professionals to attacker-controlled websites.

According to security researchers, hackers are mass-exploiting CitrixBleed, a critical-rated vulnerability in Citrix NetScaler systems, to launch cyberattacks against top organizations globally. These cyberattacks have targeted the aerospace giant Boeing, the world's largest bank ICBC, one of the world's largest port operators DP World, and the international law firm Allen & Overy. Thousands of other organizations are still unpatched against the vulnerability, tracked as CVE-2023-4966.

Quantum computers are expected to break RSA and ECC encryption within the next 7 to 10 years. RSA and ECC are public key encryption algorithms that serve as the foundation for nearly all cybersecurity systems, applications, and protocols. They secure credit card transactions, online banking, medical devices, connected cars, and other systems. Therefore, companies must prepare to ensure they are protected once an adequately advanced quantum computer has been developed.

VMware has disclosed an authentication bypass vulnerability in its Cloud Director Appliance, tracked as CVE-2023-34060 with a CVSS score of 9.8, that can be exploited by an attacker with network access to the appliance to bypass login restrictions when authenticating on port 22 (SSH) or port 5480 (Appliance Management Console). This bypass is not present on port 443 (VCD provider and tenant login). It is also not present on a new installation of Cloud Director Appliance 10.5.

Postmeds, a company doing business as Truepill, is sending data breach notifications, informing recipients that threat actors have compromised their sensitive personal information. Truepill is a Business-to-Business (B2B) pharmacy platform that uses Application Programming Interfaces (APIs) to fulfill orders and service delivery for Direct-to-Consumer (D2C) brands, digital health companies, and other healthcare organizations across the US.

It has recently been discovered that the WordPress plugin WP Fastest Cache is vulnerable to an SQL injection vulnerability that could allow unauthenticated attackers to read the contents of the site’s database.  WP Fastest Cache is a caching plugin used to speed up page loads, improve visitor experience, and boost the site’s ranking on Google search.  According to WordPress.org stats, it is used by more than a million sites.