The FBI warns that an "APT group" (no further attribution) has been exploiting a zero-day in FatPipe software (WARP, MPVPN, and IPVPN Software) since at least May. Users are encouraged to apply the patches FatPipe issued this week.
JFrog found another software supply chain threat: eleven Python libraries behaving badly (stealing Discord tokens, installing remote access shells, and so on). PyPI, the Python Package Index, has booted the libraries from its portal.
Sometimes insider threats show the convergence of cyberespionage and traditional espionage. One such case, as close to a literal evil maid attack as one might wish to find, has surfaced in Israel, where, Haaretz reports, a cleaner working in the residence of Defense Minister Gantz is charged with espionage for having offered to assist the Iranian cyber threat group Black Shadow. According to SecurityWeek, the Israeli security service Shin Bet said that the accused spy failed to obtain any classified information.
CISA yesterday released six more industrial control system advisories, for Philips IntelliBridge EC 40 and EC 80 Hub, Philips Patient Information Center iX (PIC iX) and Efficia CM Series, Trane Symbio (Update A), Philips Patient Monitoring Devices (Update B), Mitsubishi Electric Factory Automation Engineering Products (Update E), and VISAM Automation Base (VBASE) (Update B).
The US Federal Reserve issued its final rule on computer incident disclosures. Effective May 1, 2022, banks will have thirty-six hours to notify regulators of materially significant incidents.