Chinese APT Targets Azerbaijani Energy Sector — The Hacker News

A Chinese-affiliated threat actor, 'FamousSparrow', has been linked to multiple intrusions targeting an Azerbaijani energy firm. The group is exploiting vulnerabilities in Microsoft Exchange to gain access and persist within the network. This highlights the ongoing risk to critical infrastructure from state-sponsored actors, emphasizing the need for robust patch management and threat detection capabilities.

Exim Mailer Vulnerability Allows Remote Code Execution — BleepingComputer

A critical vulnerability in the Exim mail transfer agent could allow remote code execution when certain configurations are in place. With a publicly available proof-of-concept, threat actors could exploit this flaw to gain control over affected systems. Organizations using Exim should prioritize patching and review their configurations to mitigate potential exploitation risks.

• West Pharmaceutical says hackers stole data, encrypted systems [BleepingComputer]
• Attackers Weaponize RubyGems for Data Dead Drops [Dark Reading]
• Microsoft's MDASH AI System Finds 16 Windows Flaws Fixed in Patch Tuesday [The Hacker News]
• Foxconn confirms cyberattack claimed by Nitrogen ransomware gang [BleepingComputer]