The Polish government is increasing its cybersecurity budget to €1bn this year, after Russian sabotage attempts targeted hospitals and urban water supplies. Poland was facing between 20 and 50 attempts to damage critical infrastructure every day.

A new malware campaign tracked as EvilConwi is actively abusing ConnectWise’s ScreenConnect software to distribute signed malware. This follows earlier exploitation of CVE-2024-1708 and CVE-2024-1709 in February 2024.

A newly identified Russia-affiliated threat actor, Void Blizzard (also known as LAUNDRY BEAR), has been conducting widespread cyberespionage operations targeting critical sectors across NATO member states and Ukraine.

A Turkish-aligned cyber-espionage group known as Marbled Dust has exploited a zero-day vulnerability in Output Messenger to conduct surveillance on Kurdish military operations in Iraq.

Microsoft Defender Experts has observed a rise in malicious campaigns that use Node.js to deliver malware and other harmful payloads. These campaigns aim to steal information and exfiltrate data from compromised systems.

These campaigns lead to phishing pages delivered via the RaccoonO365 phishing-as-a-service (PhaaS) platform, remote access trojans (RATs) like Remcos, and other malware like Latrodectus, BruteRatel C4 (BRc4), AHKBot, and GuLoader.

A new version of the phishing-as-a-service (PhaaS) platform "Darcula" is launching, with a feature that allows anyone to spoof any brand online, with no technical skill required.

The sender address used by the threat actor in this campaign impersonates a US government official, continuing Star Blizzard’s practice of impersonating known political/diplomatic figures, to further ensure target engagement.

According to the FTC’s latest data spotlight, task scam reports skyrocketed from virtually none in 2020 to 5,000 in 2023, then quadrupled to an alarming 20,000 in just the first half of 2024.

The new phishing kit called "Xiu Gou" has been targeting users in the US, UK, Spain, Australia, and Japan since at least September 2024. Discovered by Netcraft, it features a cartoon mascot and over 2000 phishing websites targeting various sectors.