intelligence gathering

Up to 100 malicious artificial intelligence (AI)/machine learning (ML) models have been found in the Hugging Face platform.

The LockBit ransomware-as-a-service (RaaS) operation is the "leading" ransomware threat globally in 2022, with the highest number of targets.

Fortinet has released a FortiOS SSL VPN high-risk security vulnerability (Vulnerability CVE: CVE-2024-21762) that may have been exploited in the wild.

More than 60 zero-day vulnerabilities (0day) that have been made public since 2016 are associated with commercial spyware vendors for government agencies, and vulnerabilities exist in products from a number of companies, including Apple, Adobe, Google, and others, where they have been used for attack purposes including targeting journalists and political dissidents. The report notes that a large number of vulnerabilities are actively exploited in 2023.

At a critical point in cybersecurity, the U.S. National Security Agency (NSA) and its Cyber Command (USCYBERCOM) welcomes a new leader, Admiral Timothy D. Howe, who officially takes over on Friday, February 2, 2024....

The Russian APT28 hackers launched a cyberattack against the NTLMv2 hash relay attack, targeting high-value sectors such as diplomacy, energy, defense, and transportation across the globe. They exploited vulnerabilities in software including Cisco networking equipment, Microsoft Outlook and WinRAR to gain access and data.

AnyDesk, the well-known remote desktop software, has been hacked and some of its data compromised. The company has taken steps to fix the vulnerability and is advising users to reset their passwords and download the latest version of the software.

Cloudflare has disclosed that it was subjected to a potential national-level hack in which attackers illegally accessed its Atlassian servers through stolen credentials and ultimately accessed some of the documentation and limited source code.

GitLab has released a security patch to address a critical vulnerability in its workspace creation feature. The vulnerability allows authenticated users to write arbitrary files to GitLab servers, which could lead to data breaches, malware infections, or other security issues.

Recently, a series of malicious advertisements targeting Chinese-speaking users appeared on Google platforms, enticing users to download fake communication applications, which were actually malware containing Remote Administration Trojans (RATs). These ads were found to link to fake websites hosted on Google Docs or Google Sites and spread through Google infrastructure.