Hackers are exploiting trust in financial transactions by sending weaponized invoices with malware or malicious links. Cybersecurity researchers at Perception Point have found a sophisticated malware dubbed “LUMMA” and developed a new technology to identify and isolate it. The attack deceives victims with a fake invoice email that eventually redirects to harmful URLs, triggering an automatic download of malicious files. The LUMMA malware steals information and spreads through Malware-as-a-Service.

The NCSC wants developers to get serious on software security
The NCSC’s new Software Security Code of Practice has been praised by cyber professionals as a significant advancement in enhancing software supply chain security.