The Spanish-speaking cybercrime group "GXC Team" bundles phishing kits with malicious Android apps, advancing Malware-as-a-Service (MaaS) offerings. Group-IB, which has tracked the threat actor since January 2023, called the crimeware solution a "sophisticated AI-powered phishing-as-a-service platform." This article continues to discuss findings regarding GXC Team's bundling of phishing kits with malicious Android apps.

The US Department of State is offering $10 million for information on Rim Jong Hyok, an alleged member of the hacking group "APT45," which operates on behalf of a North Korean military intelligence agency, the Reconnaissance General Bureau. The group has targeted foreign businesses, government entities, and the defense industry. This article continues to discuss the US offering a reward of up to $10 million for information on a member of APT45.

A new Checkmarx report highlights that organizations are concerned about security threats posed by developers' use of Artificial Intelligence (AI). The company discovered that 15 percent of organizations explicitly ban AI tool usage for code generation, but 99 percent use them anyway. This article continues to discuss key findings from the "Seven Steps to Safely Use Generative AI in Application Security" report.

Infosecurity Magazine reports "Despite Bans, AI Code Tools Widespread in Organizations"

The National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and others have released a joint Cybersecurity Advisory (CSA) titled "North Korea Cyber Group Conducts Global Espionage Campaign to Advance Regime's Military and Nuclear Programs." The CSA includes methods for detecting and mitigating the malicious activities of the Democratic People's Republic of Korea (DPRK) Reconnaissance General Bureau (RGB) 3rd Bureau.

The threat actor "Stargazer Goblin" has found a new way to use GitHub to spread malware and malicious links. Instead of hosting malware on GitHub and luring users to download an infected code package by clicking on a malicious link in a phishing email, the new tactic involves tricking victims into thinking that malicious repositories are legitimate through an operation involving thousands of fake accounts.

According to security researchers at Cisco Talos, ransomware and business email compromise (BEC) attacks accounted for 60% of all incidents in the second quarter of 2024.  Technology was the most targeted sector in this period, making up 24% of incidents, a 30% rise from the previous quarter.  The researchers noted that adversaries may view technology firms as a gateway into other industries and organizations, given their role in servicing various industries, including critical infrastructure.