After decentralized finance platforms, threat actors have moved on to decentralized music platforms. In one such attack, the adversary stole millions. A ransomware gang has raided the email lists of arts organizations by targeting a marketing solution provider. It promised not to use the data for evil. In other news, global malware volumes observed the first rise in three years. Hop on to read the top 10 cybernews from the past 24 hours.

1. Audius, a decentralized music platform, suffered a cyber incident in which the hackers made off with 18 million AUDIO tokens, amounting to $6 million. The attackers also transferred the entire Audius community pool to their wallet.

2. A ransomware gang took down mailing list provider WordFly and pilfered data belonging to the U.S.-based Smithsonian, the Courtauld Institute of Art in London, and Canada’s Toronto Symphony Orchestra.

3. A new set of malicious Android apps laden with adware and malware were found on the Google Play Store. The apps have been installed more than 10 million times.

4. Sucuri found a DHL phishing page that exfiltrates payment card information by using the popular Heroku hosting app platform. Attackers are reportedly using the Herokuapp service to appear legitimate and evade detection.

5. New data from SonicWall revealed that malware surged by 11% (2.8 billion) in the first half of this year. This marks the first recorded rise in global malware volumes in three years.

6. Experts discovered similarities between LockBit 3.0 and BlackMatter from overlaps in harvesting and privilege escalation routines and the use of anti-debugging and threading to disrupt analysis.

7. Report by Palo Alto Networks disclosed that attackers usually start scanning for vulnerabilities within 15 minutes of disclosure. The report covers 600 incident response cases.

8. Microsoft warned against threat actors increasingly using malicious IIS web server extensions to backdoor unpatched Exchange servers. IIS web servers have a lower detection rate as compared to web shells.

9. FIN7, one of the most skilled APT groups, added ransomware to its arsenal to accelerate its attacks and broadened its TTPs and relationships with other ransomware actors.

10. The HHS urged healthcare entities to review their tactics and potential mitigation strategies for ongoing web application attacks against the healthcare sector.

11. NetStandard, a U.S. MSP, was forced to shut down its MyAppsAnywhere cloud services, owing to a cyberattack. The attacks also shut down the company’s main site.

12. IBM’s Cost of a Data Breach report revealed that the total cost of a data breach is $4.35 million, a 13% increase since 2020. Stolen credentials are responsible for 19% of all breaches, followed by phishing at 16%.

13. Researchers spotted four suspicious packages in the npm repository, which contained highly obfuscated malicious JS and Python code. Dubbed LofyLife, the campaign steals Discord tokens and payment card information.

14. Microsoft connected the Knotweed threat actor to the Austrian surveillance firm DSIRF. The group targets entities in Central America and Europe with the Subzero surveillance malware.

15. The U.S. State Department announced rewards up to $10 million for information pertaining to cyberthreats by North Korean hackers, including cyberespionage, crypto theft, and other nation-backed activities.

16. European police conducted two major operations—Operation Theater and Operation Wine Cellar—against BEC fraudsters and arrested 100 suspects. The BEC scheme raked $28 million in profits from 94 organizations.

17. The Spanish Police arrested two individuals suspected to be responsible for the attack on the country’s radioactive alert network, from March to June, 2021.

18. As Microsoft blocked macros, threat actors have moved on to new attack vectors, including ISO, RAR, and LNK attachments. Researchers observed a 66% plunge in macros usage between October 2021 and June 2022.

19. Naoris Protocol, decentralized cybersecurity mesh provider, raised $11.5 million in a new funding round, with Draper Associates, Holt Xchange, Brendan Holt Dunn, Level One Robotics, and others as investors.

20. Bot mitigation and fraud detection platform Human Security merged with PerimeterX, application protection platform, at undisclosed terms.