Researchers at Wiz have identified an ongoing campaign targeting exposed Selenium Grid services for illicit cryptocurrency mining. The campaign, known as SeleniumGreed, is exploiting older versions of Selenium to run a modified XMRig miner.

BlackMeta, known for targeting organizations in Israel, UAE, and the US, used a cybercrime service called InfraShutdown to target a UAE bank for $500-$625 a week. The attach lasted 100 hours in total.

Several major Russian banks were hit by DDoS attacks that disrupted their mobile apps and websites. State-owned VTB and Russian Agricultural Bank confirmed the attacks, with VTB attributing it to a foreign source.

dYdX's decentralized finance (DeFi) exchange v3 website was hacked in a DNS hijack attack, compromising the platform. Users were warned not to visit or interact with the hacked website and to avoid withdrawing assets until the platform was safe.

Channels with millions of subscribers, including Times of Ukraine and Real Kyiv, were affected by the hack. Ukrainian broadcaster Suspilne stated that 270 Ukrainian channels were compromised, with hackers spreading false narratives and propaganda.

Indian crypto exchange WazirX disclosed a loss of virtual assets worth more than $230 million due to a cyber attack linked to North Korea. The attack targeted a multi-signature wallet with six signatories, leading to a breach in security measures.

A coordinated wave of DNS hijacking attacks recently targeted decentralized finance (DeFi) cryptocurrency domains. Attackers used the Squarespace registrar to redirect visitors to phishing sites that aimed to steal cryptocurrency and NFTs.

The attack, identified as a distributed denial-of-service attack (DDoS), affected websites of security services, police, fire and rescue services, and the academy for public security forces.

Remote access solution provider TeamViewer confirmed that the Russian hacking group APT29 breached its corporate IT environment. The hack on TeamViewer was traced back to an employee account.

TeamViewer, a leading provider of remote access tools, has confirmed that its corporate network is currently under a cyberattack. The company has identified the attackers as a government-backed Russian intelligence group known as APT29.