New cybersecurity research discussed that APT41, aka Wicked Panda, has compromised at least 13 organizations across the globe in 2021. The Chinese state-sponsored threat group has been active since at least 2007.

Calgary airline WestJet claims to be investigating a technical fault on its app that enabled its customers to see the personal information of other passengers. No more details have been released.

Bitdefender spotted 35 malicious apps on the Google Play Store with more than two million downloads. They would evade detection by changing their names and icons.

The new BlackByte 2.0 ransomware operation now includes a new data leak site using extortion techniques borrowed from LockBit. The site is being promoted on hacker forums and Twitter accounts.

The .NET-based DarkTortilla crypter has been found flying under the radar since 2015. It deploys infostealers and RATs such as NanoCore, AgentTesla, RedLine, and AsyncRat.

Trustwave researchers reported that Russian cyberattacks on Ukraine have been the work of government-backed intelligence and military agencies, instead of enlisted private groups.

Threat actors were found employing the BumbleBee loader to compromise Active Directory services and used confidential information, such as login IDs and passwords, for lateral movement.

A flaw in the Amazon Ring app, Android version, potentially allowed threat actors to pilfer users’ personal data and device data, including address, recordings, and geolocation.

SynSaber, an industrial asset and network monitoring solution, raised $13 million in Series A funding, led by SYN Ventures, with participation from Rally Ventures and Cyber Mentor Fund.

API and web application protection provider ThreatX raised $30 million in Series B round, led by Harbert Growth Partners, with participation from Vistara Growth, existing investors, and others.