As first noticed by security researcher vx-underground, an alleged member of the Babuk group released the full source code for their ransomware on a popular Russian-speaking hacking forum.

The zero-day was the work of a new threat actor tracked as DEV-0322, which Microsoft described as “a group operating out of China, based on observed victimology, tactics, and procedures.”

The USCYBERCOM also stressed the importance of patching vulnerable Confluence servers as soon as possible: “Please patch immediately if you haven’t already— this cannot wait until after the weekend.”

Researchers from Rapid7’s IntSights revealed that underground criminals are selling unauthorized access to compromised enterprise networks for up to $10,000.

Developers of Node.js have released a significant update to the technology that resolves five troublesome security vulnerabilities, including some that present a remote code execution risk.

With RaaS evolving into a corporate structure, gangs are looking for negotiators. The role of negotiators is to extort victims into paying the ransom.

Apart from brute-forcing leaked credentials, attackers are impersonating both renowned brands and internal automated systems to trick targets into giving up their credentials or sending money.

More details about a now-patched vulnerability in Comcast’s XR11 voice remotes have emerged, which would have made it easy for a threat actor to intercept radio frequency (RF) communications.

Autodesk has confirmed that it was also targeted by the Russian state hackers behind the large-scale SolarWinds Orion supply-chain attack. One of its servers was backdoored with Sunburst malware.