A Chinese-speaking threat actor known for skimming credit card numbers off e-commerce sites and point-of-sale service providers in the Asia/Pacific region for more than a year has begun aiming at similar targets in North and Latin America as well.

Bruno Kahl, the head of Germany’s foreign intelligence service, warned that liquefied natural gas (LNG) terminals in the country could be targeted by state-sponsored hackers.

Cloud security firm Wiz discovered the privacy snafu when it found the GitHub repository “robust-models-transfer,” which belonged to Microsoft’s AI research division, leaking sensitive internal information.

An April ransomware attack against one of Australia’s largest law firms swept up the data of 65 Australian government agencies, the country’s newly appointed national cybersecurity coordinator said Monday.

The attackers utilized fake trading pools of cryptocurrency from decentralized finance (DeFi) trading applications to defraud their victims, with one individual losing $22,000 in a single week.

“All commands (30 in total) that the malware operator can send to a device infected with ERMAC malware, also exist in Hook. The code implementation for these commands is nearly identical,” NCC Group security researchers said.

According to a report by Elliptic, the North Korea-linked APT group Lazarus has stolen most of $240 million in crypto assets from multiple businesses, including Atomic Wallet ($100m), CoinsPaid ($37.3M), Alphapo ($60M), and Stake.com ($41M).

Earth Lusca, a China-linked threat actor, has developed a Linux variant of the backdoor malware SprySOCKS, which originated from the open-source Windows backdoor Trochilus, indicating their continued active operations and expansion.

Thailand-based digital financial platform, CardX, experienced a data leak exposing personal information of customers, including names, addresses, phone numbers, and emails.