At least six different botnet malware operations are seeking TP-Link Archer AX21 (AX1800) routers that are vulnerable to a command injection security flaw. The flaw, tracked as CVE-2023-1389, is a high-severity unauthenticated command injection vulnerability in the locale Application Programming Interface (API) reachable via the TP-Link Archer AX21 web management interface. Researchers discovered it in January 2023 and notified the vendor through the Zero-Day Initiative (ZDI). TP-Link addressed the issue by releasing firmware security updates in March 2023.

According to an investigation conducted by Google Cloud's Mandiant security group, over the past two years, the "Sandworm" hacker group has played a major role in supporting Russian military objectives in Ukraine. The group has been increasing cyber threat operations in other areas of strategic political, economic, and military interest to Russia. Researchers found that Sandworm, also tracked as APT44, has been responsible for almost all disruptive and destructive cyberattacks in Ukraine since Russia's invasion in February 2022.

Google and Mozilla recently announced security updates that address more than 35 vulnerabilities in their browsers, including a dozen high-severity flaws.  Chrome 124 was released in the stable channel with patches for 22 bugs, 13 of which were reported by external researchers.  Google noted that of the externally reported flaws, three are high-severity issues.  Based on the bug bounty reward handed out, the most severe of these is CVE-2024-3832, described as an object corruption defect in the V8 JavaScript engine.

Microsoft has discovered a new method for jailbreaking Large Language Model (LLM) Artificial Intelligence (AI) tools and has revealed its continued efforts to improve LLM safety and security. Microsoft described the "Crescendo" LLM jailbreak method in a recent paper, delving into how an attacker can send a series of seemingly benign prompts to gradually lead a chatbot, such as OpenAI's ChatGPT, Google's Gemini, Meta's LlaMA, or Anthropic's Claude, to deliver output that the LLM model would normally filter and refuse.

A team of researchers at Pohang University of Science and Technology (POSTECH) significantly advanced online security by integrating an Artificial Intelligence (AI)-based metasurface with oblique helicoidal cholesteric liquid crystals. The continued development of digital technology calls for greater security for personal data online. Encryption systems are critical to the stability of Internet communication and serve as the foundation for online privacy.

A social engineering attack has compromised a third-party provider responsible for handling telephony for Cisco's Duo Multi-Factor Authentication (MFA) service. Cisco Duo customers have been warned to be on the lookout for follow-on phishing attacks. Customers were notified that the company handling SMS and VOIP MFA messaging traffic for Cisco Duo had been breached on April 1. The threat actor allegedly used compromised employee credentials, and once inside the service provider's systems, they downloaded SMS logs for specific users.

The OpenJS Foundation has thwarted a "credible takeover attempt" similar to the one that resulted in a backdoor being put in the open source XZ Utils package by someone called "Jia Tan." The malicious maintainer achieved that position through a successful long-term social engineering campaign. Lasse Collin, the project's author and primary maintainer, was convinced to share the duty of keeping the project running smoothly.