theregister

Military radio maker BK Technologies cops to cyber break-in

BK Technologies, a manufacturer of mission-critical communication radios for police, fire, and military services, has disclosed a cyber intrusion that resulted in the compromise of internal systems and potential exposure of employee data.

VMSCAPE Spectre vulnerability leaks cloud secrets

VMSCAPE undermines the isolation between virtual machines and the hypervisor, allowing attackers to extract sensitive data such as cryptographic keys used for disk encryption.

Google, Microsoft account takeover made easy via VoidProxy

VoidProxy is a phishing-as-a-service (PhaaS) platform actively used by multiple cybercriminal groups to hijack Microsoft and Google accounts. It targets a wide range of victims, from SMBs to large enterprises, and facilitates real-time theft of credentials.

ChillyHell modular macOS malware OKed by Apple in 2021

ChillyHell is a modular macOS backdoor that remained undetected for four years after being notarized by Apple in 2021. Despite its malicious nature, the sample passed Apple’s security checks and had been publicly hosted on Dropbox since 2021.

Knock-on effects of software dev break-in hit schools trust

A significant data breach at UK-based software developer Intradev has impacted the Affinity Learning Partnership, a trust operating seven schools and employing over 650 staff. The breach occurred on August 4.

Criminal background checker APCS faces data breach

A significant data breach has impacted Access Personal Checking Services (APCS), a major UK-based provider of criminal background checks. The breach originated from a compromise at Intradev.

'Screenshot-grabbing' Chrome VPN extension still available

Security researchers have uncovered that the Chrome extension "FreeVPN.One", previously considered trustworthy, has begun capturing and exfiltrating screenshots of users' browsing activity without consent.

China cut itself off from the global internet on Wednesday

On August 20, China experienced a significant and deliberate disruption of outbound internet traffic. The disruption targeted TCP port 443, effectively severing access to global HTTPS services for over an hour.

Apache ActiveMQ attackers patch critical vuln after entry

A new attack campaign is targeting Apache ActiveMQ servers by exploiting CVE-2023-46604, a critical vulnerability with a CVSS score of 9.8. Threat actors are deploying a custom Linux malware dubbed DripDropper to establish persistence.

Telco giant Colt suffers attack, takes systems offline

Colt Technology Services says a "cyber incident" is to blame for its customer portal and other services being down for a number of days. The issues began on August 12 when a reported incident led to disrupted services for some customers.
