Threat Actors Behind VEILDrive Campaign Exploit Microsoft Services for C2

The ongoing threat campaign known as VEILDrive is utilizing Microsoft services such as Teams, SharePoint, Quick Assist, and OneDrive in its operations to distribute spear-phishing attacks and store malware.

Suspected Ukrainian Cyberattack Knocks Out Parking Enforcement in Russian City

A suspected cyberattack believed to be orchestrated by the Ukrainian Cyber Alliance led to the disruption of the parking enforcement system in the Russian city of Tver. Citizens were able to park for free.

Supply Chain Attack on Popular Animation Library Lottie-Player Targets Web3 Users

Malicious actors executed a sophisticated supply chain attack on the widely used JavaScript library lottie-player, infecting versions 2.0.5, 2.0.6, and 2.0.7 with malicious code that prompts a fake Web3 wallet connection.

Attacker Abuses Victim Resources to Reap Rewards from Titan Network

Trend Micro researchers observed an attacker exploiting the Atlassian Confluence vulnerability CVE-2023-22527 to achieve remote code execution for cryptomining via the Titan Network.

HeptaX Cyberespionage Campaign Snoops Through Unauthorized RDP Connections

The attackers heavily rely on PowerShell and BAT scripts to download additional payloads and create an administrative user account on compromised systems, lowering authentication barriers for unauthorized remote access.

Chinese Nation-State Hackers APT41 Hit Gambling Sector for Financial Gain

APT41, a Chinese nation-state actor, conducted a cyberattack targeting the gambling and gaming industry. Over six months, they gathered valuable information from a company including network configurations and user passwords.

Independent Russian News Site Suffers Week-Long DDoS Onslaught

Novaya Gazeta Europe, an independent Russian news site, faced a series of DDoS attacks causing its website to go offline temporarily. The attacks lasted from Monday to Wednesday, with junk page requests reaching 12 million per minute.

Military Exercises Trigger Russian DDoS Attacks on Japan

The attacks disrupted the websites of various organizations, including the majority political party, major manufacturers, and local governments. A threat actor named "NoName057(16)" claimed responsibility and warned against taking measures against Russia.

Crypto Platform Radiant Capital Says $50 Million in Digital Coins Stolen Following Account Compromises

The attack compromised three trusted developers through a sophisticated malware injection despite the developers using hardware wallets and being geographically distributed, allowing the hacker to access private keys and drain user funds.

Understanding the EigenLayer Hack: A Deep Dive into the $5.7M Theft

The Ethereum restaking protocol EigenLayer experienced a security breach resulting in the theft of tokens. Suspicious selling activities from a specific wallet address triggered alarms within the crypto community.
