From techcrunch.com
Nvidia is acquiring Run:ai, a Tel Aviv-based company that makes it easier for developers and operations teams to manage and optimize their AI hardware infrastructure, for an undisclosed sum.
Ctech reported earlier this morning the companies were in “advanced negotiations” that could see Nvidia pay upwards of $1 billion for Run:ai. Evidently, the negotiations went on without a hitch.
A source close to the matter tells TechCrunch that the exact price tag was $700 million.
From securityaffairs.com
Avast researchers discovered and analyzed a malware campaign that exploited the update mechanism of the eScan antivirus to distribute backdoors and crypto miners.
Threat actors employed two different types of backdoors and targeted large corporate networks
The researchers believe the campaign could be attributed to North Korea-linked AP Kimsuky. The final payload distributed by GuptiMiner was also XMRig.
“GuptiMiner is a highly sophisticated threat that uses an interesting infection chain along with a couple of techniques that include performing DNS requests to the attacker’s DNS servers, performing sideloading, extracting payloads from innocent-looking images, signing its payloads with a custom trusted root anchor certification authority, among others.” reads the analysis published by Avast. “The main objective of GuptiMiner is to distribute backdoors within big corporate networks.”
From darkreading.com
A Russian threat actor is peppering game developers with fraudulent Web3 gaming projects that drop multiple variants of infostealers on both MacOS and Windows devices.
The ultimate goal of the campaign appears to be defrauding victims and stealing their cryptocurrency wallets, according to Recorded Future’s Insikt Group, which discovered the malicious activity.
by Morgan Brazier 
A moderately sophisticated phishing campaign has been observed targeting multiple universities including Bournemouth University, Brighton and Warwick.
The email and subsequent registration portal masquerades as a university yearbook to harvest personally identifiable information (PII) and card details, tricking users into submitting payment and sensitive information by creating convincing emails already containing their first name and university.
Similar campaigns have been seen this time last year from different domains.
If you have been affected by this phishing campaign it is recommended you report the incident to both Action Fraud and the BU IT help desk:
https://www.actionfraud.police.uk
https://www.bournemouth.ac.uk/news/2019-03-04/contacting-it-service-desk
From independent.co.uk
Security researchers have uncovered a hack that allows cyber criminals to gain access to people’s Google accounts without needing their passwords.
Analysis from security firm CloudSEK found that a dangerous form of malware uses third-party cookies to gain unauthorised access to people’s private data, and is already being actively tested by hacking groups.
The exploit was first revealed in October 2023 when a hacker posted about it in a channel on the messaging platform Telegram.
From thehackernews.com
A critical Bluetooth security flaw could be exploited by threat actors to take control of Android, Linux, macOS and iOS devices.
Tracked as CVE-2023-45866, the issue relates to a case of authentication bypass that enables attackers to connect to susceptible devices and inject keystrokes to achieve code execution as the victim.
From techmonitor.ai
Google Chrome, Microsoft Edge, Mozilla Firefox and Apple’s Safari browser have all been impacted by a single zero-day vulnerability, it has emerged. The flaw, tracked as CVE-2023-4863, is caused by a heap buffer overflow in the WebP code library. Once exploited it can lead to system crashes and arbitrary code execution, where hackers can gain control over an infected device.
CVE-2023-4863 was first identified by researchers at The Citizen Lab, a research arm of the University of Toronto. The institution subsequently informed Google and Apple of the vulnerability’s existence. Both companies have now released patches. They were joined by Mozilla, which released its own advisory on CVE-2023-4863 yesterday and updates for several versions of its Firefox browser and Thunderbird email client, and Microsoft.