Security researchers have uncovered a new campaign by the Russian-affiliated APT group Gamaredon, leveraging the PteroLNK variant of the Pterodo malware family to target Ukrainian military, government, and infrastructure sectors.

Darktrace plans to purchase a cloud forensics and automation startup led by the former head of PwC's incident response business to enhance the security of multi-cloud environments.

Over 1,000 legitimate shopping websites have been taken over to promote fake products in a credit card scam called "Phish ‘n’ Ships," as per HUMAN's Satori Threat Intelligence team.

Okta warns that exploitation of this flaw could have occurred if organizations had weak or misconfigured policies in place. The exploitation required valid credentials, application-specific sign-on policies, and the use of an "unknown" user-agent.

A total of 14 new vulnerabilities in DrayTek routers have been discovered, affecting over 700,000 devices in 168 countries. These flaws can lead to full compromise of vulnerable devices, with two critical vulnerabilities rated.