First, the FBI's operation to remove the Chinese PlugX malware, which was found on thousands of computers in the United States. This malware was linked to a Chinese cyber espionage group known as Mustang Panda and was capable of spreading through USB drives. Next, a flaw in Google's OAuth system that could allow attackers to access abandoned accounts by registering the domains of defunct startups. This vulnerability stems from inconsistencies in the unique user identifier, enabling attackers to impersonate former employees on various SaaS platforms. Lastly, one source reports on a new bug discovered in macOS, which enables attackers to circumvent the system's integrity protection by loading third-party kernel extensions. This bypass could potentially lead to the installation of rootkits, persistent malware, and an expanded attack surface for further exploitation.