Cyware Weekly Threat Intelligence - May 20–24
![Cyware Weekly Threat Intelligence - May 20–24 - Featured Image](/_next/image?url=https%3A%2F%2Fimages.ctfassets.net%2Fzcd9ovevodsf%2F38ESzXDIMUaaQgPc6SwbK8%2F4ae95e0f9f088478c69e5444c0990597%2F5655_shutterstock_2111740181.jpg&w=2048&q=75)
Weekly Threat Briefing • May 24, 2024
This website uses cookies and similar technologies to provide essential functionality and improve your experience. Some features, such as demo scheduling and chat support, require marketing cookies to function. By clicking "Accept All", you consent to all cookies. Alternatively, you can customize your preferences, but note that declining marketing cookies will limit certain website features.
Weekly Threat Briefing • May 24, 2024
In a dramatic sweep against the shadowy underbelly of the internet, authorities have dismantled several dark web marketplaces in Operation SpecTor, seizing drugs, firearms, counterfeit currencies, and cryptocurrency. Meanwhile, the White House has rolled out a framework to safeguard U.S. workers from AI risks, emphasizing health, safety, and job transition support.
In a brazen cyberattack, JAVS courtroom software was compromised, affecting over 10,000 installations worldwide. Simultaneously, Apple’s Wi-Fi Positioning System is facing scrutiny for potential privacy abuses, enabling global tracking. Meanwhile, the GitCaught campaign, exploiting GitHub and FileZilla, is spreading malware, raising alarms about sensitive data theft by possible Russian-speaking threat actors.
In a digital cloak and dagger, researchers unveiled Hijack Loader's new anti-analysis tactics, bypassing defenses and distributing potent malware. Meanwhile, two students exposed a vulnerability in CSC’s laundry machines, triggering cycles without payment via a flawed API. Additionally, over 20,000 WordPress sites using the UserPro plugin face a critical security flaw, risking unauthorized access through compromised password resets.