WordPress is once again hard-pressed as researchers found thousands of websites compromised in a new campaign. Remember earlier in 2022 when Mandiant researchers identified an attack by APT29 against a European entity? New details about the attack vector have emerged. The Medibank breach keeps getting worse since hackers leaked the data like they threatened to. Read along to know what else transpired over the last 24 hours.

1. A massive black hat SEO campaign compromised almost 15,000 WordPress websites to redirect victims to false Q&A discussion forums - discovered Sucuri.

2. Researchers found that the Russia-linked APT29 cyberespionage gang abused Credential Roaming, a Windows feature, to phish a European diplomatic entity earlier this year.

3. A new info-stealer, dubbed StrelaStealer, was found targeting Outlook and Thunderbird accounts to steal data from multiple sources, including crypto wallets, browsers, clipboard, and cloud gaming apps.

4. BlogXX ransomware group leaked the health data of 48,000 Medibank customers after the firm refused to pay any ransom.

5. Previously unknown Chinese APT group Earth Longzhi was spotted targeting organizations in Ukraine, East Asia, and Southeast Asia with custom ‘Symatic’ Cobalt Strike loaders.

6. Data from Dtex revealed that 12% of all employees carry sensitive intellectual property with them when they leave their company, making it a concerning insider threat.

7. A ransomware attack on the Commack School District, Suffolk County, knocked offline the district's main telephone number. However, its website and social media sites are functional.

8. Several county tax assessors and collector’s office employees in Arkansas were forced to shut down their computer servers, owing to a cyberattack at Apprentice Information Systems.

9. After claiming responsibility for the attack on Continental, the LockBit ransomware group is offering to sell the stolen data for $50 million.

10. Claroty disclosed that oil & gas flow computers and remote controllers manufactured by Swiss firm ABB suffer from a severe flaw that can allow attackers to execute arbitrary co