Lazarus strikes again. Mandiant discovered the new MISTPEN backdoor used by UNC2970, targeting senior energy and aerospace employees via a trojanized PDF reader. Crypto influencers, beware! Researchers warned of the Marko Polo gang that lures victims with fake job offers through social media, compromising thousands of devices globally. Meanwhile, organizations using Salesforce were warned of a blind SOQL injection flaw that could allow attackers to exploit the public link feature to access sensitive customer data. Continue reading for more updates from the cybersecurity world.