The new strategy of the U.S. government aims to defend against cyberattacks on critical infrastructure, prevent surveillance misuses, and promote digital solidarity among global partners.

The Yahoo Boys, a group of scammers primarily based in West Africa, openly operate on various social media platforms like Facebook, WhatsApp, and Telegram, engaging in fraudulent activities that range from romance fraud to business email compromise.

The Cyber Safety Review Board (CSRB) has added four new members, including Chris Krebs, former Director of the CISA, and David Luber, head of the NSA’s Cybersecurity Directorate.

Aikido, a startup based in Ghent, Belgium, has secured a $17 million Series A funding to develop its innovative security platform tailored for developers. The round was led by Singular, with participation from Notion Capital and Connect Ventures.

HijackLoader is a modular malware loader that is used to deliver second-stage payloads including Amadey, Lumma Stealer, Racoon Stealer v2, and Remcos RAT. HijackLoader decrypts and parses a PNG image to load the next stage.

The German and Czech governments have publicly disclosed that Russian military intelligence hackers, known as APT28, have been involved in an espionage campaign targeting political parties and critical infrastructure in both countries.

The median time to patch bugs listed in the CISA’s Known Exploited Vulnerabilities (KEV) catalog is 174 days, compared to 621 days for non-KEV vulnerabilities, according to an analysis by Bitsight.

Finland’s Transport and Communications Agency (Traficom) highlighted multiple cases of SMS messages written in Finnish that instruct recipients to call a number. The scammer answers the call instructs victims to install a McAfee app for protection.

Ransom recovery costs have surged, with the average payment reaching $2 million, a 500% increase from the previous year. Excluding ransoms, the average cost of recovery has risen to $2.73 million, up by almost $1 million, according to Sophos.