A Chinese cyber-espionage campaign revealed by Microsoft last week compromised the government email account of the US ambassador to China and other officials, a new report has claimed.

The exposed data included passwords, secret tokens, and credentials, which could have been used by malicious actors to carry out attacks such as phishing campaigns and website manipulation.

The leak, which initially occurred in 2021 but gained more attention after being re-published on a public hacking forum, has led to high-profile users receiving malicious calls, texts, and emails.

Technologies that underpin solar and wind energy storage systems, which are central to transferring renewable power to the grid, are potential hacking risks, experts noted at a congressional hearing Tuesday.

Hackers are using URL redirects within Google ads to lead users to malicious sites, leveraging the trust and legitimacy of Google Ads. This technique, known as BEC 3.0, involves referencing legitimate sites instead of spoofed ones.

Distributed Denial of Service (DDoS) botnets have been used to actively exploit a critical vulnerability found in Zyxel firewall models. The flaw, identified by Fortinet security researchers as CVE-2023-28771, explicitly affects Linux platforms.

A security breach was detected on May 31, 2023, when suspicious activity was identified within its network. The affected systems were immediately taken offline to prevent further unauthorized access.

DeliveryCheck is distributed via email with malicious macros and can breach Microsoft Exchange servers to install a server-side component, turning a legitimate server into a malware C2 server.

U.S. cybersecurity and intelligence agencies have released a set of recommendations to address security concerns with 5G standalone network slicing and harden them against possible threats.

Customers of the Russian medical laboratory Helix have been unable to receive their test results for several days due to a “serious” cyberattack that crippled the company’s systems over the weekend.