Bleeping Computer

New Specula Tool Uses Outlook for Remote Code Execution in Windows

TrustedSec has released "Specula", a post-exploitation framework that abuses the Outlook Home Page feature (the weakness tracked as CVE-2017-11774) to point a folder's WebView at an attacker-controlled page and execute arbitrary commands on a compromised Windows system. Microsoft's 2017 fix removed the Home Page option from the Outlook UI, but the underlying WebView registry values still work, so an attacker who can write to the user's registry can still use the technique on patched hosts.

Microsoft Warns of Ransomware Gangs Abusing VMware ESXi Authentication Bypass in Attacks

Ransomware operators including Black Basta and Akira have already exploited the flaw, which gives full administrative access to a domain-joined ESXi hypervisor to any member of an Active Directory group named "ESX Admins", even when the attacker has just created that group. Microsoft observed Storm-0506 using it to deploy Black Basta ransomware on the ESXi hypervisors of a North American engineering firm.

Report: Russian Ransomware Gangs Account for 69% of all Ransom Proceeds

According to an analysis by TRM Labs, Russian-speaking threat actors were responsible for over 69% of all ransomware-related cryptocurrency earnings in the past year, amounting to more than $500 million.

WhatsApp for Windows Lets Python, PHP Scripts Execute with no Warning

WhatsApp for Windows blocks a set of file types it considers risky, but Python and PHP scripts are not on the blocklist, so a recipient who opens such an attachment runs it with no warning. The issue only matters on hosts where a Python or PHP interpreter is installed, which is common on developer machines. Security researcher Saumyajeet Das found it while testing file attachments in WhatsApp conversations.

Acronis Warns of Cyber Infrastructure Default Password Abused in Attacks

The vulnerability (CVE-2023-45249), a default-password weakness in Acronis Cyber Infrastructure, was patched nine months ago but is still being exploited in attacks. Admins are advised to update immediately; deployments still running the default credentials are exposed to unauthenticated remote code execution.

Meta Nukes Massive Instagram Sextortion Network of 63,000 Accounts

Meta has taken down 63,000 Instagram accounts in Nigeria involved in sextortion scams, including a network of 2,500 accounts linked to 20 individuals targeting adult men in the US.

French Police Push PlugX Malware Self-Destruct Payload to Clean PCs

The operation started in France on July 18, 2024, and is anticipated to extend to other countries like Malta, Portugal, Croatia, Slovakia, and Austria. Victims in France will be individually notified by the ANSSI about the clean-up process.

PKfail Secure Boot bypass Lets Attackers Install UEFI Malware

The issue stems from a test Platform Key (PK) that American Megatrends International (AMI) shipped with its reference firmware. OEMs were expected to replace it with their own key before production, but many did not, and the private half of the test key has been public since 2022, so anyone holding it can sign Secure Boot database updates and bootloaders that affected devices will trust.
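A practical way to check whether a Linux host carries the AMI test key is to look at the Platform Key variable exposed through efivarfs and search it for the test certificate's subject string, which contains "DO NOT TRUST". The script below is an added example, not code from the PKfail researchers or from AMI; the efivarfs path is the standard one for the PK variable, and the two sample blobs it writes in demo mode are constructed stand-ins for a real variable, not captured firmware data.

```shell
#!/bin/sh
# PKfail check (added example). On Linux the Platform Key is exposed through
# efivarfs at the path below; the AMI test certificate's subject contains the
# string "DO NOT TRUST", which is what this check looks for.
PK_EFIVAR=/sys/firmware/efi/efivars/PK-8be4df61-93ca-11d2-aa0d-00e098032b8c
MARKER='DO NOT TRUST'

# pk_is_ami_test_key FILE
#   0 = PK contains the AMI test certificate marker (PKfail-affected)
#   1 = marker absent
#   2 = variable not readable (non-UEFI boot, no root, efivarfs not mounted)
pk_is_ami_test_key() {
    [ -r "$1" ] || return 2
    # -a treats the binary EFI_SIGNATURE_LIST/DER bytes as text; the subject is ASCII
    grep -a -q "$MARKER" "$1"
}

# report_pk FILE: human-readable verdict; always returns 0 so callers can chain it
report_pk() {
    rc=0
    pk_is_ami_test_key "$1" || rc=$?
    case $rc in
        0) echo "VULNERABLE: $1 contains '$MARKER' (AMI test Platform Key)" ;;
        1) echo "ok: $1 does not contain the AMI test key marker" ;;
        *) echo "unknown: cannot read $1" ;;
    esac
    return 0
}

# make_sample_pk DIR: writes two constructed (not real) PK blobs for offline use.
# A real variable carries a 4-byte attribute header followed by an
# EFI_SIGNATURE_LIST wrapping an X.509 DER certificate; only the ASCII subject
# text matters for this check, so the samples mimic just that layout.
make_sample_pk() {
    printf '\007\000\000\000junk\000DO NOT TRUST - AMI Test PK\000' > "$1/pk_ami_test"
    printf '\007\000\000\000junk\000CN=Example OEM Platform Key\000' > "$1/pk_oem"
    echo "$1"
}

# Usage: ./pkfail_check.sh          -> checks the live system's PK (needs root)
#        ./pkfail_check.sh --demo   -> checks the two constructed samples
if [ "$1" = "--demo" ]; then
    d=$(mktemp -d)
    make_sample_pk "$d" >/dev/null
    report_pk "$d/pk_ami_test"
    report_pk "$d/pk_oem"
    rm -rf "$d"
else
    report_pk "${1:-$PK_EFIVAR}"
fi
```

An "unknown" verdict usually means the script was run without root or on a host that did not boot via UEFI; a "VULNERABLE" verdict means the device will accept Secure Boot database updates signed with the leaked test key until the OEM ships firmware with a proper Platform Key.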

Critical ServiceNow RCE Flaws Actively Exploited to Steal Credentials

ServiceNow's recently patched RCE vulnerabilities are being exploited in the wild: attackers run publicly available exploits against unpatched instances belonging to government agencies and private firms and harvest user credentials from them.

Google Chrome Now Asks for Passwords To Scan Protected Archives

Chrome now shows a two-tier download warning, driven by AI-powered malware verdicts from Google's Safe Browsing service, so users can tell how dangerous each downloaded file is. For password-protected archives, which Safe Browsing cannot otherwise inspect, Chrome now prompts for the archive password so the contents can be scanned before the download is allowed.
