Two new backdoors discovered by ESET security researchers and given the names LunarWeb and LunarMail targeted an unnamed European Ministry of Foreign Affairs and three of its Middle Eastern diplomatic missions, The Hacker News reports.

In this month’s release, Redmond patched 60 CVEs including two other zero-days and a SharePoint Server remote code execution vulnerability rated critical.

The New Jersey Cybersecurity and Communications Integration Cell has warned that the Phorpiex botnet has been used since April to send millions of phishing emails as part of a large-scale LockBit Black ransomware campaign, reports BleepingComputer.

Kaspersky's APT trends report for the first quarter highlighted the emergence of a new threat from the North Korean threat group Kimsuky, in the form of a new sophisticated malware named Durian, which the group has used in targeted cyber attacks against South Korean cryptocurrency firms, reports The Hacker News.

Easy Passwords, BIG-IP, Ascension, Lockbit, Google, Poland, ZScaler, Aaran Leyland, and More, on this edition of the Security Weekly News.

Russian state-sponsored threat operation APT28 has launched a far-reaching malware campaign against government organizations across Poland, according to The Hacker News.

More sophisticated anti-analysis methods have been integrated into the updated version of the Hijack Loader malware loader, also known as IDAT Loader, to better circumvent security systems as it deploys various malicious payloads, The Hacker News reports.