Two more Chinese espionage operations are reported. One, and exclusive in SC Magazine, involves the hacking of human rights lawyers, particularly those affiliated with Lawyers Without Borders. The second incident comes to light via a complaint by South Sudan's Ministry of Information and Broadcasting, which accuses Huawei of intruding into networks and corrupting data.
A clearer picture of Russian operations against Western targets also emerges, as analysts review the recently disclosed hack of a White House network (still officially unattributed, but Russia generally thought to be the "state-sponsored actor" responsible). Researchers release more descriptions of Sandworm, and security firms attribute attacks on US power and water utilities to Russian actors.
Popular Science's website has been exploited to deliver crimeware to visitors' systems.
Microsoft researchers warn that Crowti ransomware infections have spiked.
CurrentC, a merchant-favored alternative to Apple Pay, suffers a hack during its pre-release trial period.
Trend Micro reports detecting a new Shellshock-based campaign against SMTP servers.
Drupal reports a vulnerability to SQL injection in its content management system. Drupal advises users who failed to upgrade to version 7.32 within seven hours of that patch's release that they should consider themselves compromised.
A Red Hat Bugzilla report finds a new *nix bug. This one doesn't have a snappy name (yet) but it means that wget needs patching as soon as possible.
UK-CERT reports gratification with British progress in cyber information sharing. New Australian laws target leakers and require data retention. China's government orders removal and replacement of the Windows OS.