Beware of BADBOX.

The US Department of Justice has filed a complaint to seize $7.74 million linked to illegal North Korean IT workers. The FBI has warned of BADBOX 2.0 malware that has infected millions of IoT devices. Researchers have discovered a major security flaw in Chrome extensions that exposes API keys and secrets. Iranian hackers have been targeting Kurdish and Iraqi government officials in a long-running cyberespionage campaign. Hitachi Energy, Acronis, and Cisco have patched critical vulnerabilities in their software. Meanwhile, 20 suspects have been arrested for distributing child sexual abuse content. Hackers have exploited a critical flaw in Roundcube webmail. Ian Bramson, Global Head of Industrial Cybersecurity at Black & Veatch, has discussed how organizations can close the cyberattack readiness gap in industrial environments. OpenAI is fighting a court order to save all ChatGPT logs, including deleted chats. The CyberWire is a production of N2K Networks, providing strategic workforce intelligence.