Since 2005, US educational institutions have had 3,713 data breaches, affecting about 37.6 million records. According to Comparitech, 2023 saw a record 954 breaches, up from 139 in 2022 and 783 in 2021. Over 800 institutions were affected by MOVEit file transfer software vulnerabilities, causing this surge. The number of compromised records in 2023 rose to nearly 4.3 million from 2.6 million in 2021 and 2022. Third-party breaches compromised 1.7 million records, and 65 ransomware attacks compromised 1.9 million.

Two previously undocumented backdoors, "LunarWeb" and "LunarMail," targeted an unnamed European Ministry of Foreign Affairs (MFA) and its three diplomatic missions in the Middle East. ESET attributed the activity to the Russia-aligned cyber espionage group "Turla" with medium confidence, citing tactical overlaps with previous campaigns. Turla, an Advanced Persistent Threat (APT) found to be affiliated with Russia's Federal Security Service (FSB), has been active since at least 1996. It has targeted government, embassies, military, education, research, and pharmaceutical industries.

Mississippi healthcare provider Singing River Health System (SRHS) recently notified roughly 900,000 individuals that their personal information was compromised in an August 2023 ransomware attack. SRHS revealed that its systems were compromised on August 16, 2023, while ransomware was deployed three days later, on August 19. SRHS noted that during this timeframe, the attackers accessed personal information such as names, addresses, dates of birth, Social Security numbers, and health and medical information.

According to Check Point researchers, threat actors are exploiting Foxit PDF Reader's flawed alerts to deliver malware via booby-trapped PDFs. The researchers analyzed several campaigns involving malicious PDF files targeting Foxit Reader users. The attackers use various .NET and Python exploit builders, with the "PDF Exploit Builder" being the most popular. They create PDF documents with macros that execute commands/scripts. These download and execute "Agent Tesla," "Remcon RAT," "Xworm," "NanoCore RAT," and other malware.