In the latest edition of the Changelog newsletter, README senior editor Nathaniel Mott examines U.S. and Japanese agencies' warning that Chinese hackers are targeting routers, the latest in the Storm-0558 hack and 40 years of the GNU Project:

README has introduced a new series called Commit to bring you the latest #cybersecurity news every Monday and Tuesday. Check out the first Commit here and the second one here then keep an eye out for more next week!.

This week in README, @roblemos reported on the ongoing dangers caused by cyberattacks on the medical industry. "Until healthcare facilities are well protected," Lemos wrote, "their systems — and human lives — will continue to be at risk."

In case you missed it, @msbrumfield reported from the Billington Cyber Summit last week, where many of the attendees had both the offensive and defensive possibilities for generative AI on their minds:

Costly business email compromise scams are getting an #AI boost. Don’t miss @RobLemos’s breakdown of how AI #technology and deep neural networks are upending the cyberthreat landscape:

London’s Metropolitan Police Service has suffered a “staggering” security breach involving a third-party supplier that had access to names and pay scales of staff and officers, among other sensitive information, as @guardian reported:

From "spy chips" in weather equipment to a cyberespionage campaign targeting Taiwan, it's been another busy week for #hacking news linked to China. Don't miss the latest installment of @NathanielMott's Changelog #cybersecurity newsletter 🗞️:

For more on QR code security, check out @nathanielmott's report from last February, when Coinbase's Super Bowl ad prompted dire warnings about the dangers of scanning these ubiquitous squares:

But QR codes can be used to evade common security measures, especially when scanned with personal devices rather than enterprise-protected systems, and Cofense said this campaign "may indicate that malicious actors are testing the efficacy of QR codes as a viable attack vector.".

Cofense said "QR Codes are not historically popular as they are limited in the way a user can interact with them" and "limited to the mobile device used, which provides a user with a sneak peak of the [embedded link] and verifies if the user wishes to go to the link.".

Someone has finally used malicious QR codes in real-world attacks. Cofense revealed on Aug. 16 that it "observed a large phishing campaign utilizing QR codes targeting the Microsoft credentials of users from a wide array of industries." .

@msbrumfield @nathanielmott And, to top it all off, you can also check us out on @LinkedIn. (Don't worry: We'll continue to post on the social platform we all still know as Twitter.)

We've also published @msbrumfield's report on Dark Caracal, a surprisingly inept yet curiously effective cyber mercenary group: And, of course, we recapped the week's news in the most recent Changelog newsletter via @nathanielmott:

🗞️ README has moved to a new site, boasting an updated design and the same committed #cybersecurity coverage you've come to expect! If you've recovered from Hacker Summer Camp, don't miss our reporting on this year's #BHUSA and #DEFCON31 conferences ✍️:

This report follows the claim that the U.S. hacked an earthquake monitoring center in Wuhan in late July, though it's unclear what the Chinese government believes would have motivated that hack, or how it could further U.S. interests.

China's state-run news outlet Global Times said today "Chinese authorities will publicly disclose a highly secretive global reconnaissance system of the US government, which poses a serious security threat to China's national security and world peace.".

The CSRB, meanwhile, was founded in response to the SolarWinds hack of 2020. (Although the group has yet to study that particular campaign ). Its first report was on the expected fallout of the Log4Shell vulnerabilities in Log4j:

Lapsus$ was a prolific hacking group that compromised tech giants like Microsoft, Nvidia, Samsung and T-Mobile throughout 2021 and 2022:

The Cyber Safety Review Board today released its second report, "Review Of The Attacks Associated with Lapsus$ And Related Threat Groups," which the Department of Homeland Security-backed group started to study in December 2022:

These efforts will be organized as The AI Cyber Challenge (AIxCC) by DARPA and its partners: Anthropic, Google, Microsoft, OpenAI, the Open Source Security Foundation, Black Hat USA and DEF CON. Details on AIxCC's schedule and payouts can be found here: