The leaked information, including phone numbers, email addresses, encrypted passwords, and vehicle rental details, could be exploited by cybercriminals for financial gain and fraudulent activities.

The attack occurred on September 28 and resulted in data being stolen before the hackers encrypted company systems. The breach impacted patients associated with ESO’s customers, including hospitals and clinics in the US.

The leaked data, which included information on property history, tax records, and mortgage details, could be exploited by threat actors for social engineering and financial fraud.

The trojan is distributed through WhatsApp messages, prompting users to download an APK for a mandatory verification procedure. Once installed, it collects personal and financial information and intercepts SMS messages to steal verification codes.

The German police, along with international law enforcement agencies, have seized the dark web marketplace Kingdom Market, which offered drugs, malware, stolen data, and forged documents.

The scam tweets often appear to be from well-known crypto accounts like Binance and Ethereum, but they lead to unrelated users promoting fake giveaways, wallet-draining websites, and pump-and-dump schemes.

Prompt injection poses a significant threat to LLM integrity, especially when LLM-powered agents interact with external systems, and safeguarding their operations requires meticulous attention to confidentiality levels and access controls.

Cybersecurity training startup SimSpace has raised $45 million in a funding round led by L2 Point Management, bringing its total raised to $70 million. It creates digital replicas of organizations’ tech and networking stacks for training purposes.

Seedworm (aka Muddywater) continues to use a combination of living-off-the-land and publicly available tools, but has also developed its own custom tools, such as a custom build of Venom Proxy and a custom keylogger.