Multiple threat groups believed to be working in support of China’s long-term economic interests are continuing to hammer away at networks belonging to organizations in the US and Europe.

Apple’s Big Sur 11.4 patches a security flaw that could be exploited to take screenshots, record audio and video, and access files on someone else’s Mac without their knowing.

First discovered in 2019, the JSWorm ransomware gained infamy under several other names such as Nemty, Offwhite, and Nefilim, among others.

The FBI has identified at least 16 Conti ransomware attacks targeting U.S. healthcare and first responder networks, such as emergency medical services, law enforcement agencies, municipalities, and 911 dispatch centers.

SonicWall urges customers to ‘immediately’ patch a post-authentication vulnerability impacting on-premises versions of the Network Security Manager (NSM) multi-tenant firewall management solution.

Salesforce led a new funding round in the Wiz, according to a person familiar with the matter. Existing investors include Greenoaks Capital, Advent International, Sequoia, and Insight Partners.

ClearSky attributed multiple attacks on cryptocurrency exchanges to a threat actor, dubbed CryptoCore, and linked its activities with Lazarus. It swindled hundreds of millions of dollars from the U.S., Israel, Europe, and Japan over the past three years.

After a hiatus, Zeppelin ransomware, a possible variant of the Vega Ransomware-as-a-Service (RaaS), is active again. Without stepping into the trend of double extortion, it can still cause serious damage to victims’ systems.

Attacks on Taiwan-based QNAP continue to turn ugly. It is now advising its clients to update the HBS 3 disaster recovery app to block Qlocker ransomware actors who now use a backdoor that exploits a hard-coded credentials vulnerability.

The Scattered Canary group is already suspected of making millions defrauding the states of Hawaii, Florida, Massachusetts, North Carolina, Oklahoma, Rhode Island, Washington, and Wyoming.