A user on an underground forum is promoting the sale of Zeppelin2 ransomware, offering its source code and a cracked version of its builder tool. Zeppelin2 has been used since 2019, targeting various sectors including healthcare and technology.

The Cactus ransomware group has claimed to have hacked Coop, one of the largest retail and grocery providers in Sweden. They are threatening to release a large amount of personal information.

The United Kingdom’s Radioactive Waste Management (RWM) company recently experienced a cyberattack attempt through LinkedIn. Although the attack was unsuccessful, concerns have been raised about the security of critical nuclear infrastructure.

Multiple information-stealing malware families are exploiting an undocumented Google OAuth endpoint called “MultiLogin” to restore expired authentication cookies and gain unauthorized access to users’ accounts.

Pro-Palestinian hackers belonging to the group Cyber Toufan have successfully breached and leaked data from numerous Israeli entities, including foreign companies doing business with Israel.

TuneFab converter, a tool used to convert copyrighted music from streaming platforms, exposed over 151 million records of users’ private data due to a misconfiguration on MongoDB.

Multiple malware-as-a-service info stealers now have the ability to manipulate authentication tokens to gain persistent access to a victim’s Google account, even after the user has reset their password.

The North Korean Kimsuky APT has recently been observed using a new variant called AlphaSeed, written in Golang, which uses chromedp for communication with the command-and-control server.

The scam involved the developer downloading npm packages from a GitHub repository, which potentially allowed the attackers to gain access to his machine and drain his wallet.