Top Breaches, Malware, and Vulnerabilities Reported in the Last 24hrs

1. Microsoft linked the Prestige ransomware attacks to Iridium, a Russian state-sponsored threat actor with ties to the Sandworm APT group.

2. A new phishing campaign posing as Agencia Tributaria, the Spanish tax agency, was discovered in an attempt to steal credit card information.

3. The Royal ransomware gang claimed responsibility for the attack on Silverstone Circuits, a motor racing track in the United Kingdom. An investigation is currently underway.

4. The HHS issued a warning about the Venus ransomware group, which targets publicly accessible Remote Desktop services. It has targeted at least one healthcare organisation in the United States.

5. The FBI has issued a warning to families of teenage victims who committed suicide after sending sexualized photos to highly organised cybercrime gangs.

6. Lookout researchers discovered two surveillance campaigns in China and abroad targeting Uyghurs. BadBazaar and MOONSHINE Android surveillance tools are used by threat actors.

7. In light of attacks on energy, transportation, and space assets, the European Commission proposed a cyber defence policy, urging member states to "significantly increase" cybersecurity investment.

8. Zscaler discovered the Xenomorph banking trojan, which was spreading through the Google Play Store and was embedded in a lifestyle app. Todo: Day Manager has received over 1,000 downloads.

9. Worok, a threat actor, was discovered concealing information-stealing malware within PNG images in order to compromise targets' devices without raising suspicions.

10. Privacy and security framework compliance firm Laikaraised$50million in Series C funding, led by Fin Capital, with participation from J.P. Morgan Growth Equity Partners, Canapi, and ThirdPrime.