The malvertising campaign is run via Google ads aimed at seniors. The threat actor is creating hundreds of fake websites via Weebly to host decoy content to fool search engines and crawlers while redirecting victims to a fake computer alert.
The new, rather sophisticated PowerShell script automates data exfiltration from compromised networks. It consists of multiple functions, including Work(), Show(), CreateJobLocal(), and fill().
Tracked as CVE-2023-2033, the high-severity vulnerability has been described as a type confusion issue in the V8 JavaScript engine. Clement Lecigne of Google’s Threat Analysis Group (TAG) has been credited with reporting the issue on April 11, 2023.
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to bypass authorization and access system files.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
CERT-In issued an ‘Urgent- High Alert’ warning to all Central and state agencies and departments, telling them to be alert to potential attacks by Indonesian hackers and to report any such incidents to it immediately.
Weak passwords and other compromises of user identity continue to drive security incidents for Google Cloud customers, with weak passwords accounting for nearly half of the incidents affecting its clients, according to a report released by the company.
The exchange said it will temporarily suspend all withdrawals to conduct additional security checks, and withdrawals are expected to resume on April 18, 2023. The exchange explained that it will compensate all identified affected users in full.
UK regulators have imposed an £81,000 (~$101,000) fine on a former TSB information officer over the bank’s IT meltdown in 2018 that left millions of customers locked out of their accounts.
“GuLoader, also known as CloudEyE, is a loader malware that is known to deliver additional malware, such as infostealers and Remote Access Trojans (RATs),” wrote eSentire’s Threat Response Unit (TRU).