Latest Cybersecurity News and Articles

Gafgyt Malware Broadens its Scope in Recent Attacks

Gafgyt primarily targets vulnerable IoT devices, but Trend Micro researchers recently observed this malware being used to attack Docker Remote API servers, signifying a notable shift in its behavior.

North Korean Kimsuky Hackers Use Russian Email Addresses for Credential Theft Attacks

"Phishing emails were sent mainly through email services in Japan and Korea until early September," Korean cybersecurity firm Genians said. "Then, from mid-September, some phishing emails disguised as if they were sent from Russia were observed."

Russia Sentences Hydra Dark Web Market Leader to Life in Prison

Russian authorities have sentenced the leader of the criminal group behind the now-closed dark web platform Hydra Market to life in prison. More than a dozen accomplices have also been convicted.

People Facing Printer Problems Scammed via Fake Driver Downloads

Victims clicking malicious Google ads are redirected to fake sites mimicking official printer brands, where scammers lure them into calling for support by offering printer drivers that fail to install.

Korea Arrests CEO for Adding DDoS Feature to Satellite Receivers

South Korean police have arrested a CEO and five employees for manufacturing over 240,000 satellite receivers pre-loaded or later updated to include DDoS attack functionality at a purchaser's request.

New Malware Families RevC2 and Venom Loader Spread via MaaS Tools

“RevC2 uses WebSockets to communicate with its command-and-control (C2) server. The malware is capable of stealing cookies and passwords, proxies network traffic, and enables remote code execution (RCE),” noted ThreatLabz.

Ransomware suspect Wazawaka reportedly arrested by Russia

Russian authorities have charged a high-profile hacker for creating malware used to blackmail commercial organizations, the Russian interior ministry said in a statement late last week.
December 3, 2024

APT35 Forges Recruitment Sites, Launches Attacks on Aerospace and Semiconductor Industries in Multiple Countries

In one of its campaigns, APT35 launched a fake recruitment site, particularly aimed at experts in drone design within the aerospace sector in Thailand. The site featured high-paying job postings, adding legitimacy to the ruse.

ProFTPD Vulnerability Grants Root Access to Attackers

ProFTPD contains a critical security flaw that could allow attackers to gain root access to vulnerable systems. The vulnerability, tracked as CVE-2024-48651 (CVSS 7.5), exists in the mod_sql component of ProFTPD versions 1.3.8b and earlier.

The Shocking Speed of AWS Key Exploitation

Researchers revealed that attackers tend to find and exploit AWS access keys leaked on GitHub and DockerHub within a few minutes, and those exposed on PyPI, Pastebin, and the Postman Community within several hours.
