For providers

The state-sponsored threat group is capable of exploiting fresh software vulnerabilities within hours of their initial discovery.

The ransomware-as-a-service platform just rolled off the assembly line, also targets Windows, and uses Golang for cross-platform capabilities.

Officials at South Africa's National Health Laboratory Service have announced plans to restore the operations of some services disrupted by a recent ransomware attack claimed by the BlackSuit ransomware gang by the middle of the month as the country responds to ongoing Mpox, HIV, and tuberculosis epidemics, according to The Record, a news site by cybersecurity firm Recorded Future.

The campaign, which distributes dozens of malicious jQuery variants across npm, GitHub, and jsDelivr, appears to be a manual effort, and lacks the typical pattern that characterizes similar, related attacks.

Hong Kong-based computer hardware manufacturer Zotac had more than 20,000 data entries, including return merchandise authorization files, serial numbers, and personal details accidentally leaked after being uploaded to a publicly accessible file server, enabling the viewing of such information via Google search, Digital Trends reports.

BleepingComputer reports that Ticketmaster had 38,745 tickets for 154 concerts and events from its print-at-home ticketing solution TicketFast exposed by Sp1d3rHunters after the ticketing giant dismissed the attackers' initial leak of 166,000 Taylor Swift ticket barcodes as useless owing to the constant generation of new barcodes.

Neiman Marcus was reported by Have I Been Pwned founder Troy Hunt to have had more than 31 million email addresses compromised in a May data breach, which the U.S. luxury retailer disclosed in a filing with Maine regulators to have only impacted 64,472 individuals, according to BleepingComputer.

SecurityWeek reports that intrusions involving the exploitation of a format string injection vulnerability in the widely used general document conversion toolkit Ghostscript, which could be used to achieve remote code execution, have already been ongoing.

AI without security poses significant risks, including data compromise and manipulation. Cisco encourages partners to prioritize security by design, transparency, and continuous monitoring to ensure AI's safe and effective integration into our lives.