While the decryptor only works on older versions of Black Basta, and the bug it relies on has been patched in newer attacks, it provides hope for victims who were affected between November 2022 and the recent bug fix.
The Inc Ransom ransomware group has published several documents, including emails and an invoice, as proof of the hack. It is unclear how much data has been stolen from Xerox Corp.
The technique leverages executables in the trusted WinSxS folder, making it possible to run nefarious code without elevated privileges and introduce potentially vulnerable binaries into the attack chain.
A user on an underground forum is promoting the sale of Zeppelin2 ransomware, offering its source code and a cracked version of its builder tool. Zeppelin2 has been used since 2019, targeting various sectors including healthcare and technology.
The Cactus ransomware group has claimed to have hacked Coop, one of the largest retail and grocery providers in Sweden. They are threatening to release a large amount of personal information.
The United Kingdom’s Radioactive Waste Management (RWM) company recently experienced a cyberattack attempt through LinkedIn. Although the attack was unsuccessful, concerns have been raised about the security of critical nuclear infrastructure.
Multiple information-stealing malware families are exploiting an undocumented Google OAuth endpoint called “MultiLogin” to restore expired authentication cookies and gain unauthorized access to users’ accounts.
Pro-Palestinian hackers belonging to the group Cyber Toufan have successfully breached and leaked data from numerous Israeli entities, including foreign companies doing business with Israel.
The Pentagon has provided new cost estimates for implementing its Cybersecurity Maturity Model Certification program, with projected costs totaling around $4 billion for contractors and other non-government entities over a 20-year period.
TuneFab converter, a tool used to convert copyrighted music from streaming platforms, exposed over 151 million records of users’ private data due to a MongoDB misconfiguration.