According to researchers at Netcraft, the Chinese-language Phishing-as-a-Service (PhaaS) platform "Darcula" created 19,000 phishing domains in cyberattacks against over 100 countries.

According to Google, the volume of zero-day vulnerabilities it detected increased by over 50% from 2022 to 2023, with bugs in third-party components on the rise.

CISA recently added a second SharePoint flaw, demonstrated last year at a Pwn2Own hacking competition, to its Known Exploited Vulnerabilities (KEV) list.

A new hacking campaign called "ShadowRay" exploits an unpatched vulnerability in Ray, a popular open source Artificial Intelligence (AI) framework, to hijack computing power and leak sensitive data.

Researchers at ReversingLabs have discovered a suspicious package in the NuGet package manager that is likely aimed at developers using tools developed by a Chinese company specializing in industrial and digital equipment manufacturing.

Security researchers at Lumen Technologies recently discovered a 40,000-strong botnet packed with end-of-life routers and IoT devices being used in cybercriminal activities.

The US government is trying to close gaps in its sanctions program against Russia by going after blockchain and virtual currency firms, which it says have helped entities circumvent existing controls.

Apple has recently released fresh security updates for iOS and macOS devices to resolve an arbitrary code execution vulnerability.