One of the key findings from the technical write-up, published by Sysdig today, is the group’s use of a script capable of simultaneously deploying multiple cryptocurrency miners.

The gang, which researchers at the Moscow-based cybersecurity company F.A.C.C.T. have dubbed “Muliaka,” or Muddy Water in English, has left minimal traces from its attacks but has likely been active since at least December 2023.

Cybersecurity researchers from Bitdefender discovered critical vulnerabilities in LG TVs running webOS versions 4 through 7. These vulnerabilities could allow attackers to gain complete control over the TV, steal data, or install malware.

The researchers presented two variations of what they call Ahoi attacks. One of them, dubbed Heckler, involves a malicious hypervisor injecting interrupts to alter data and control flow, breaking the integrity and confidentiality of CVMs.

The phishing email contained a ZIP file attachment that when extracted reveals an HTML file that leads to a malicious file download posing as an invoice. The email header has an email address format that uses the domain ‘temporary[.]link’.

A new LinkedIn threat combines breached users’ accounts and an evasive 2-step phishing attack. A recent Python-based infostealer called Snake targets Facebook users with malicious messages.

The U.S. Department of Health and Human Services (HHS) warns that hackers are now using social engineering tactics to target IT help desks across the Healthcare and Public Health (HPH) sector.

According to cybersecurity researcher MalwareHunterTeam, the threat actors have now begun monetizing the pool of compromised WordPress sites to display pop-ups promoting fake NFT offers and crypto discounts.

The KernelCare team is working on deploying a live patch for CVE-2024-1086 for CloudLinux users. A patch has already been released for CloudLinux 6h and CloudLinux 7, and users can manually update without a live patch.