The vulnerability affects default installations of Kubernetes earlier than version 1.28.4 running on-prem deployments and Azure Kubernetes Service, highlighting the importance of patching.

To aid manufacturers, researchers, developers, and cybersecurity professionals, the methodology includes resources for assessing the security of Bluetooth communications and will publish proofs of concept and scripts on GitHub.

The vulnerability in the portal, built on Salesforce’s health cloud, allowed any member of the public registering with the portal to access the vaccination records of other registered users, including personal details and internal HSE documents.

These vulnerabilities could allow attackers to take control of organization accounts on third-party platforms and access sensitive user data, including Personal Identifiable Information (PII).

The VCURMS RAT uses a Proton Mail email address for communicating with a command-and-control server and can extract and execute commands from specific subject lines in emails.

Although the boat-selling company initiated its incident response and business continuity protocols to contain the incident, there was some disruption to its business operations.

A report by Red Canary highlighted that cloud account compromises using the MITRE ATT&CK technique T1078.004 surged to the fourth most prevalent technique used by threat actors, impacting three times as many organizations compared to 2022.

The attackers leverage YouTube by enticing users to watch videos on “How to increase FPS” that contain links to their Discord groups. Once they join, the attackers provide them with links to malicious files disguised as game tweaks and modifications.

The Spanish High Court upheld a three-month ban on Worldcoin, a digital identity and cryptocurrency platform, due to privacy concerns raised by the country’s data regulator.

The malvertising campaigns employed a new redirection chain, abusing legitimate websites to evade detection, with several campaigns impersonating brands such as OneNote, Epic Games, and the Braavos smart wallet application.