Over 650K harmful domains crafted to mimic ChatGPT.

Multiple malicious domains registered to resemble ChatGPT have been discovered by cybersecurity researchers at ESET. Hackers are exploiting the credibility of the ChatGPT model to deceive users into trusting fraudulent websites. They are using the model’s reputation to trick individuals into revealing sensitive information or downloading malicious content. The Russian ransomware group Cl0p recently launched a massive campaign using a zero-day vulnerability in MOVEit, and they are now leaking data on the open web if the ransom isn’t paid. The FBI has noted that ransomware attacks are evolving with multi-variant attacks and the use of wipers following data theft and encryption. Cybersecurity researchers have also found and disabled the Mozi botnet, which had been one of the largest in the world for three years. Android devices are being targeted for DDoS attacks by the new threat Android/Pandora. Insecure handling of OpenAI API keys and the use of Android spyware are also significant threats. Additionally, there has been a surge in three-year-old JS/Agent and persistent Magecart attacks on unpatched websites. Cryptostealers, such as Lumma Stealer, are also increasing in prevalence, targeting crypto wallets. It is essential for developers and admins to implement better security measures to prevent these threats.