Daily Cybersecurity Roundup, May 16, 2025

Cyberespionage threats are intensifying globally as state-backed actors and cybercriminals deploy advanced malware and deceptive tactics to steal sensitive data and manipulate targets. North Korea’s APT Group123 has been targeting South Korea, Japan, Vietnam, the Middle East, and others to conduct cyberespionage and information theft. A new macOS malware dubbed FrigidStealer is spreading through fake Safari updates. Meanwhile, the FBI has warned of a cyber campaign leveraging deepfake text and AI-generated voice messages. Continue reading for more cybersecurity news from the last 24 hours.

01

The North Korean APT Group123 has been targeting South Korea, Japan, Vietnam, the Middle East, and others for cyberespionage and information theft with a wide range of malware and exploits, including SLOWDRIFT, Maui ransomware, and various CVEs.

02

FrigidStealer malware is targeting macOS users through fake Safari browser updates, stealing passwords, crypto wallets, and notes using DNS-based data theft methods.

03

A new malware campaign has been found using PowerShell-based shellcode loaders to deploy Remcos RAT, leveraging malicious LNK files disguised as Office documents.

04

Researchers have uncovered an ongoing phishing campaign targeting Kuwait’s fisheries, telecommunications, and insurance sectors, utilizing over 230 domains and shared SSH authentication keys to deploy cloned login portals and impersonated websites.

05

Malicious PyPI packages, such as checker-SaGaF, steinlurks, and sinnercore, are being used to validate stolen email addresses against TikTok and Instagram accounts.

06

Printer company Procolored has unknowingly distributed malware-infected software containing the XRed backdoor and SnipVex clipbanker, putting users at risk of data theft and remote access attacks.

07

The FBI has warned of a cyber campaign using deepfake text and AI-generated voice messages to impersonate senior U.S. officials, targeting former federal and state officials.

08

A critical iOS kernel vulnerability (CVE-2023-41992) has resurfaced in a public PoC. The vulnerability allows malicious apps to bypass signature validation and elevate privileges.

09

Researchers have uncovered new vulnerabilities in Intel CPUs, including Branch Privilege Injection (BPI) and self-training Spectre v2 attacks. These flaws enable memory leaks and bypass security barriers.

10

Proofpoint has announced its acquisition of the German cloud security firm Hornetsecurity for over $1 billion.
