Threat actors are always finding new ways to deploy malicious packages on public registries for programming languages. They want to execute malware code when those packages are imported and used in projects. In an attack campaign that was recently identified on NuGet Gallery, the repository for .NET packages, malicious actors use the inline tasks feature of the MSBuild code building tool to execute malicious code.

The Forum of Incident Response and Security Teams (FIRST) has released the fourth version of the Common Vulnerability Scoring System (CVSS). CVSS is a standardized framework used to assess the severity of software security vulnerabilities. It is used to assign numerical scores or qualitative representations (e.g., low, medium, high, and critical) to vulnerabilities according to their susceptibility to exploitation, impact on confidentiality, and more.

MITRE ATT&CK v14 is the newest iteration of the popular investigation framework and knowledge base of cyberattackers' tactics and techniques. ATT&CK aims to classify and catalog cyber adversaries' behaviors in real-world attacks. The framework is constantly being modified to consider new behaviors related to attackers’ interactions with devices, systems, and networks.

A senior White House official announced on October 31 that 40 countries in an alliance led by the US plan to sign a pledge to never pay ransom to cybercriminals and to make an effort to eliminate the hackers' funding mechanism. The International Counter Ransomware Initiative is a response to the worldwide increase in ransomware attacks. Anne Neuberger, US deputy national security adviser for cyber and emerging technologies in the Biden administration, highlighted that the US is by far the most impacted with 46 percent of such attacks.

According to researchers at the Pennsylvania State University who crawled millions of websites, online privacy policies may not only be difficult to find but also nonexistent. They discovered that only one-third of online organizations made their privacy policies available for review.

Researchers at the cybersecurity company ESET have observed what they believe to be a dismantling of the Mozi botnet, which has infiltrated over a million Internet of Things (IoT) devices globally. During an investigation of the botnet, the researchers claim to have seen the "sudden demise" of Mozi. Mozi is a peer-to-peer IoT botnet that hijacks home routers and digital video recorders through the abuse of weak telnet passwords and known exploits.

Faculty and Ph.D. students at the Rochester Institute of Technology's (RIT) ESL Global Cybersecurity Institute identified problems regarding generative hate speech in Google's PaLM2 Large Language Model (LLM), which drives Bard. These issues show the fundamental limitations of LLMs. The team pointed out that despite LLMs being deployed for the general population, there are no proper guardrails in place to ensure that they are not used to generate hate speech and other harmful content.

Information Technology (IT) security experts have developed a new method to monitor nuclear disarmament treaties. They created a mechanism that uses radio waves to remotely monitor if any changes are being made in a specific room. The researchers describe the approach's robustness and security in the journal Nature Communications.

A study conducted by faculty and students at the University of Chicago and the University of Maryland uncovered tensions and breakdowns in the sociotechnical infrastructure of emergency remote learning that have compromised the privacy and data of elementary school students. The team of researchers explored how remote learning affected teachers, parents, and PreK-6 students regarding privacy and security. The study aims to better prepare decision-makers to address these problems before another crisis occurs.

HP Wolf Security has found fake malware designed to lure would-be cybercriminals into compromising their own devices. The cybersecurity company came across the operation during a routine examination of the web's dark corners for its third quarter report. It exposed the attackers who were hosting fake Remote Access Trojans (RATs) on GitHub in an attempt to trick inexperienced cybercriminals into infecting their own computers.