Security Bulletin

Vulnerable Jupyter Notebook instances have been subjected to attacks by a suspected Tunisia-based threat actor leveraging the novel Qubitstrike intrusion set, which facilitates cryptomining and cloud compromise, The Hacker News reports.

Attacks exploiting WinRAR zero-day linked to Russian, Chinese hackers TechCrunch reports that numerous Russian and Chinese state-backed hacking operations have been leveraging an already patched WinRAR vulnerability, tracked as CVE-2023-38831, in...

North Korea's Lazarus Group, also known as TEMP.Hermit or Hidden Cobra, has been continuing its Operation Dream Job campaign with new intrusions leveraging trojanized Virtual Network Computing apps targeted at defense industry and nuclear engineers...

Attacks exploiting a vulnerability impacting JetBrains TeamCity continuous integration and deployment servers, tracked as CVE-2023-42793, have been launched by North Korean state-sponsored threat operations Diamond Sleet and Onyx Sleet, reports The...

Two weeks after the first data leak from the DNA ancestry service, the threat actor produces an additional 4 million user records they purportedly stole.

Known threat groups Diamond Sleet and Onyx Sleet focus on cyber espionage, data theft, network sabotage, and other malicious actions, Microsoft says.

Several countries in Europe as well as the United States and Japan were involved in the operation, which is aimed at defanging one of the bigger names in ransomware.