Iranian attackers use Log4Shell

Microsoft has warned that an Iranian state-based threat actor it calls Mercury is using the Log4Shell flaws in applications from IT vendor SysAid against organizations located in Israel.

Urgent correction of Atlassian ships

Atlassian’s security response team has issued an urgent advisory to warn of a critical command injection flaw in its Bitbucket Server and Data Center product.

Targeted Cloud Instances

The threat actor known as TeamTNT has been targeting cloud instances and containerized environments on systems around the world for at least two years.

Crypto theft from Bitcoin ATMs

Cybercriminals abused a zero-day flaw in General Bytes Bitcoin ATM servers to steal cryptocurrency. The hack allowed hackers to receive the cryptocurrency funds to their accounts whenever a user makes a deposit through a compromised ATM. Abusing zero-day