The vulnerability, tracked as CVE-2024-27867, affects various AirPods models, Powerbeats Pro, and Beats Fit Pro. An attacker in Bluetooth range could spoof the source device and gain access to the headphones, potentially allowing eavesdropping.

Ta Van Tai, Nguyen Viet Quoc, Nguyen Trang Xuyen, and Nguyen Van Truong are accused of conducting phishing campaigns and supply chain compromises to orchestrate cyberattacks and steal millions of dollars.

Multiple WordPress plugins have been found to contain a backdoor that injects malicious code. This code allows attackers to create unauthorized administrator accounts, enabling them to perform malicious actions.

Google has developed a framework known as Project Naptime, which utilizes a large language model (LLM) for vulnerability research. The framework allows an AI agent to simulate the actions and workflow of a human security researcher.

The vulnerability, tracked as CVE-2024-37032 and dubbed Probllama, was patched in version 0.1.34 released on May 7, 2024. Ollama is a service used for running large language models locally on Windows, Linux, and macOS devices.

The primary objective appears to be gathering intelligence on Taiwan's economic policy, trade, and diplomatic relations. The group focuses on targeting vulnerabilities in internet-facing devices due to their limited security solutions.

This adware is capable of stealing screenshots and interacting with browsers using simulated keystrokes, allowing it to click through ads and redirect the browser to specific URLs, generating revenue for the adware operators.

Researchers have uncovered a new phishing campaign, named PHANTOM#SPIKE, targeting individuals in Pakistan. The campaign utilizes military-themed phishing documents to initiate the infection process.

The US Department of Commerce's Bureau of Industry and Security (BIS) has imposed a ban on Kaspersky Lab's US subsidiary, as well as its affiliates and parent companies, from offering its security software in the country.

SquidLoader is designed to deliver a second-stage payload, such as Cobalt Strike, and has been active since at least April 2024. The payload is delivered through executables with descriptive Chinese filenames and icons resembling Word documents.