The CISA and the FBI published a joint advisory recommending organizations implement threat hunting to eradicate Iranian APTs that abused Log4Shell to infiltrate a federal agency network.

Around 40% of Magento 2 websites are being targeted by at least seven hacking groups, in a massive wave of TrojanOrders attacks that exploit the CVE-2022-24086 Magento 2 vulnerability.

Checkmarx detected hundreds of WASP info-stealer infections via malicious PyPI packages built to pilfer credentials, cryptocurrency, and personal information.

New report by Comparitech revealed that, since 2018, 500 publicly-disclosed ransomware attacks cost the healthcare industry $92 billion in downtime, impacting 49 million patient records.

Emotet has returned to the threat landscape after a hiatus of four months, noted Proofpoint researchers. In a new update, it is now dropping IcedID.

Europol’s EC3, along with law enforcement agencies from 19 countries, conducted a month-long operation and arrested 59 scammers as part of an international crackdown against credit card fraud.

A report by the U.S. DOD states that hackers are increasingly targeting the agency itself and the U.S. defense industrial base. It found that a majority of cyber incident reports are incomplete.

SaaS-based secrets management platform Akeyless raised $65 million in Series B funding, led by NGP Capital and existing investors as participants.

AppSec startup ArmorCode raised $14 million in Series A round led by Ballistic Ventures, with Sierra Ventures and Cervin Ventures as participants.