Cybersecurity researchers have discovered a new campaign that's exploiting a recently disclosed security flaw in Fortinet FortiClient EMS devices to deliver ScreenConnect and Metasploit Powerfun payloads.

Cisco Talos described the brute-forcing attempts as using both generic and valid usernames for specific organizations, with the attacks indiscriminately targeting a wide range of sectors across geographies.

The attacks begin with malicious emails containing seemingly innocuous document attachments (Excel and Word files) that exploit the CVE-2017-11882 flaw, a commonly targeted Microsoft Office Equation Editor vulnerability fixed in 2017.

The so-called Handala threat group alleged in a message on Telegram that it sent 500,000 text message warnings to Israeli citizens, which contains anti-Israeli government rhetoric, according to a report in The Jerusalem Times.

According to cybersecurity researcher MalwareHunterTeam, the threat actors have now begun monetizing the pool of compromised WordPress sites to display pop-ups promoting fake NFT offers and crypto discounts.

A police investigation has been launched after MPs were apparently targeted in a “spear-phishing” attack, in what security experts believe could be an attempt to compromise the UK Parliament.

The systems confirmed inoperable include tax and online property payments, issuance of marriage licenses, and inmate searches. In response, the Assessment, Collection and Recorder of Deeds offices at all county locations were closed.

The disappearance of the personal files of EUROPOL officials poses a serious risk to the impacted individuals and the agency’s operations, including its investigations. EUROPOL notified the impacted individuals and the EDPS.

The cybercriminals behind INC Ransom are claiming responsibility for the ongoing cybersecurity incident at Leicester City Council, according to a post caught by security researchers.

In late February 2024, the Foundation received a few support requests and became aware of a misconfiguration of OWASP’s old Wiki web server. The misconfiguration led to a data breach involving old member resumes.