Security Bulletin

The group, called FishMonger or Aquatic Panda, is working under contract for the Chinese government to steal data from governmental organizations, Catholic charities, NGOs, think tanks, and more.

The FBI's Denver field office says the tools will convert documents while also dropping malware and scraping users' systems for sensitive data.

More than 40% of all Internet-facing container orchestration clusters are at risk.

Driver with expired certificate evades EDR controls and deploys Medusa ransomware.

The persistent threat actor was caught using sophisticated Web shell techniques against an unnamed telecommunications company in Asia.

Russia and China spend billions of dollars on state media, propaganda, and disinformation, while the Trump administration has slashed funding for US agencies.

FCC chair warns these companies may still be operating in the US because they don't believe that being added to its "Covered List" poses any serious risk.

Once security teams recognize that Macs are vulnerable, they can take the needed steps to keep their macOS users safe.

Reuters reports that widely known cryptocurrency mixing service Tornado Cash had sanctions imposed by the Biden administration over its involvement in the laundering of over $7 billion for North Korean hackers and other cyber threat actors repealed...

More than a million households, primarily in Russia, had their credentials, logs, network configurations, and other sensitive details leaked following the compromise of network equipment vendor Keenetic's Mobile App database, Cybernews reports.

The Cloak ransomware operation has laid claim on a significant cyberattack against the Virginia Attorney General's Office last month, reports SecurityWeek.