The Associated Press (AP) has warned that users of a popular writing style guide have been hit by phishing attacks after their personal information was compromised in a data breach.

The CISA added CVE-2023-33246 to its Known Exploited Vulnerabilities Catalog. It means government agencies have until September 27 to apply a vendor patch to affected systems, although private enterprises are encouraged to follow suit.

As part of the observed attacks, threat actors are using Google Looker Studio to create fake crypto pages that are then delivered to the intended victims in emails sent from the legitimate tool itself.

Notepad++ version 8.5.7 has been released with fixes for multiple buffer overflow zero-days, with one marked as potentially leading to code execution by tricking users into opening specially crafted files.

The individuals targeted by the sanctions “include key actors involved in management and procurement for the Trickbot group, which has ties to Russian intelligence services,” according to the U.S. Treasury.

A new campaign has been discovered with similarities to a previous campaign, including the use of social media sites to build rapport with targets. The threat actors then engage in encrypted messaging and send a malicious file with a 0-day exploit.

Researchers at Akamai have unearthed a concerning shift in the behavior of dynamically seeded Domain Generation Algorithm (DGA) families within Domain Name System (DNS) traffic data.

Attackers execute malicious scripts through a feature of the installer called Custom Action, dropping several payloads — including the M3_Mini_Rat client stub backdoor, Ethereum mining malware PhoenixMiner, and multi-coin mining threat lolMiner.

Apple on Thursday released emergency security updates for iOS, iPadOS, macOS, and watchOS to address two zero-day flaws that have been exploited in the wild to deliver NSO Group’s Pegasus mercenary spyware.