The flaw in Lightning.AI’s platform, which has been patched, would have given root access to an attacker and broad control over a victim’s cloud-based studio and connected systems.

A hacking group linked to Russian intelligence has been observed leveraging seemingly legitimate documents from the Kazakhstan government as phishing lures to infect and spy on government officials in Central Asia.

The operation was carried out by the FBI’s Pittsburgh Office, Albania’s Special Anti-Corruption Body (SPAK) and its National Bureau of Investigation (BKH), the Kosovo Special Prosecution Office, the Kosovo Police, and the Royal Malaysian Police.

WordPress will require two-factor authentication for plugin developers starting October 1, 2024. This mandate will also apply to theme authors. The organization aims to enhance security by preventing hijacked accounts from spreading malicious code.

Israeli cybersecurity firm Check Point Software Technologies has announced the acquisition of threat intelligence company Cyberint, marking its third startup acquisition in a year.

A Yemeni hacking group associated with the Houthi movement has been spying on military personnel in the Middle East by infecting their phones with surveillance software, according to cybersecurity firm Lookout.

The group behind the Predator spyware, Intellexa Alliance, has significantly reduced its operations, indicating that it has been impacted by recent sanctions and exposure.

An advisory panel for the CISA has issued recommendations for improving the Joint Cyber Defense Collaborative (JCDC), a project that aims to enhance collaboration between the government and industry in sharing cybersecurity data.

The FCC is set to vote Thursday on advancing a proposal to improve security for a key component of the modern internet, a rule that eases some of the criticisms of the agency’s previously stated plans for strengthening the Border Gateway Protocol.

As health care providers continue to get hammered by ransomware, a new report from an influential think tank warns that rural hospitals are likely to be hardest hit by such attacks unless the industry makes major cybersecurity investments.