Welcome to today’s episode of "Cyber War Room," where we delve into the latest cybersecurity breaches and countermeasures. In today’s top stories, GitLab has addressed a high-severity XSS vulnerability that enabled attackers to hijack user accounts through malicious web pages. We explore how the flaw, CVE-2024-4835, found in GitLab CE and EE versions, was fixed following a bounty awarded via HackerOne.
Next, we discuss a sophisticated evasion tactic uncovered by the MITRE Corporation, involving the creation of rogue virtual machines by hackers. This innovative method helps attackers remain undetected, pointing to escalating challenges in cybersecurity defense.
Also on the agenda, a new ransomware strain uses Microsoft's BitLocker to lock data, demanding ransoms for decryption. This exploit leverages system management tools, marking a worrying trend in the use of legitimate utilities for malicious endeavors.
In other news, a significant breach involving JAVS courtroom recording software has led to the deployment of RustDoor malware, which may compromise the integrity of court recordings and legal proceedings.
And finally, we cover Microsoft's latest findings on a cybercriminal group named "SmokyHorse," known for using advanced techniques to steal gift card data from retailers, blending cybercrime with espionage strategies.
Stay with us as we explore these stories, providing insights and implications for cybersecurity efforts worldwide. Tune into "Cyber War Room" for your daily briefing on the digital frontlines.