Iran-Linked Hackers Target US Critical Infrastructure via Exposed PLCs — Dark Reading

Iranian cyber actors have launched disruptive attacks on US critical infrastructure by exploiting exposed programmable logic controllers (PLCs). The attackers manipulated operational technology (OT) devices, causing file and display alterations. This incident highlights the vulnerability of internet-exposed OT systems to nation-state threats, emphasizing the need for robust network segmentation and rigorous security controls to protect critical systems.

Massive Data Breach Exposes Sensitive LAPD Records — Google News Security

A significant data breach at the LA City Attorney's Office has resulted in the exposure of thousands of sensitive Los Angeles Police Department (LAPD) records. The breach involved unauthorized access to confidential police documents, raising serious cybersecurity concerns for law enforcement agencies. Security teams should prioritize auditing access controls and implementing advanced threat detection systems to prevent similar breaches.

• Hackers use pixel-large SVG trick to hide credit card stealer [BleepingComputer]
• Google: New UNC6783 hackers steal corporate Zendesk support tickets [BleepingComputer]
• Threat Actors Get Crafty With Emojis to Escape Detection [Dark Reading]
• APT28 Deploys PRISMEX Malware in Campaign Targeting Ukraine and NATO Allies [The Hacker News]