The malware uses DLL sideloading techniques to discreetly execute malicious code, actively monitors victims’ interactions with financial portals, and communicates with a C2 server to facilitate data theft and display deceptive pop-up windows.
Cybercriminal groups GhostSec and Stormous have collaborated to unleash GhostLocker 2.0 ransomware in targeted attacks across the Middle East, Africa, and Asia, affecting organizations in various sectors.
The shutdown may indicate an exit scam, with the affiliate claiming they still have critical data from Optum and other providers, while ALPHV/BlackCat has shut down its negotiation sites and messaging platform.
The cyber threat actor NoName057(16) is adapting its DDoS tactics with enhanced encryption and tailored software versions to target European entities, particularly those supporting Ukraine.
The Main Intelligence Directorate (GUR) of Ukraine’s Ministry of Defense has announced that it successfully breached the servers of the Russian Ministry of Defense (Minoborony) and obtained sensitive documents.
The National Intelligence Service (NIS) of South Korea reported that North Korean hackers targeted two South Korean microchip equipment companies, using “living-off-the-land” techniques to steal product designs and facility photos.
Researchers from the Israel Institute of Technology, Intuit and Cornell Tech have developed a computer worm called “Morris II” that targets generative AI (GenAI) applications to spread malware and steal personal data.
UnitedHealth Group is offering short-term financial assistance to healthcare providers affected by the Change Healthcare IT outage, providing interest-free, fee-free funding.
The funding, co-led by Pi Ventures and Kira Studio, brings the total raised to $6 million. The company plans to use the funding to expand its teams and research and development efforts.
American Express has issued a data breach notification after one of its service providers experienced unauthorized access to its systems. This has led to the exposure of American Express Card account numbers, names, and card expiration dates.