The worm autonomously searches for SSH credentials, modifies itself to remain fileless, and uses a variety of methods to collect private keys, making it difficult to detect statically.

The breach affected nearly 2.4 million patients and compromised sensitive information such as names, contact details, medical records, and in some cases, Social Security numbers and insurance information.

Resilience, a cyber insurance startup, has acquired BreachQuest, a cybersecurity company specializing in incident response solutions, to enhance its cyber risk management software and incident management solution.

The UK’s National Crime Agency (NCA) has gained control of LockBit’s site and has exposed the identities of the affiliates, disrupted the affiliate infrastructure, and destroyed the servers used for data exfiltration.

1Password, a password management software developer, has acquired Kolide, an endpoint security platform, for an undisclosed amount. Kolide’s device security and contextual access management solution will be integrated into 1Password’s offerings.

The botnet’s campaign has evolved through three distinct phases, testing new infection routines and defense evasion techniques before potentially launching a broader attack.

FixedFloat, a non-KYC crypto exchange, was hacked for $26 million worth of Bitcoin and Ethereum due to vulnerabilities and insufficient security measures, leading to frozen transactions and missing funds.

The company confirmed that no credit/debit card numbers were compromised and assured that customer accounts are protected by multifactor authentication, ensuring security from unauthorized access.

ReversingLabs’ research revealed a broader campaign involving multiple packages and sophisticated tactics, indicating an emerging trend of DLL sideloading attacks in open-source environments.

The malware is distributed through links to bogus sites on social media and messaging platforms, and it is designed to filter out Facebook credentials while evading detection by security software.