The U.S. Department of Health and Human Services (HHS) has warned hospitals about the actively exploited Citrix Bleed vulnerability used by ransomware gangs to breach networks, emphasizing the urgent need for patching.

The scams involved SIM swapping, social media account takeovers, Zelle payment fraud, and impersonating Apple Support personnel to steal money, NFTs, cryptocurrency, and other valuable digital property.

A Russian national, Vladimir Dunaev, has pleaded guilty for his involvement in developing TrickBot malware, which targeted hospitals and healthcare centers with ransomware attacks during the COVID-19 pandemic.

Over 30,000 servers have reached the end-of-life stage, with many still vulnerable to critical security issues. Some of these vulnerabilities can lead to remote code execution.

A variant of the DJvu ransomware, named Xaro, has been identified in a campaign that leverages cracked software for distribution. Xaro is spread through an archive file masquerading as legitimate freeware. Organizations are advised to whitelist apps or sites to stay safe.

Meta has disrupted influence operations from China and Russia, highlighting the challenges posed by generative artificial intelligence and the use of perception hacking to sow doubt in democratic processes.

The impact of the cyberattack on MGM Resorts was largely felt in September and has been mostly resolved by October, with the company reporting that business is back to normal.

Vitalii Chychasov, a Ukrainian citizen, has been sentenced to eight years in prison for running a marketplace that sold personal information of millions of Americans, impacting about 24 million people in total.

Integration of RETVec in Gmail has significantly improved spam detection rates, reduced false positives, and decreased computational costs, making it ideal for large-scale applications and on-device models.

The new SEC rules on cybersecurity risk management and incident disclosure will require publicly traded companies to reevaluate their security strategies and provide investors with a greater understanding of the cyber threats they face.