🔥 Experts find 1-CLICK code execution bugs in popular desktop apps for Windows, macOS & Linux—including Telegram, Nextcloud, VLC, Libre-/OpenOffice, Bitcoin/Dogecoin Wallets, Wireshark and more.

https://thehackernews.com/2021/04/1-click-hack-found-in-popular-desktop.html
If you're using any of them, make sure it's up-to-date.

In retaliation for the SolarWinds cyberattack, which the United States has attributed with "high confidence" to the operatives working for the Russian intelligence service, the Biden administration today imposed sweeping sanctions on Russia and expelled 10 diplomats.

https://thehackernews.com/2021/04/us-sanctions-russia-and-expels-10.html

Researchers have found multiple severe vulnerabilities affecting OpENer EtherNet/IP stack used in industrial systems that could enable DoS, RCE, and memory leak attacks.

Read: https://thehackernews.com/2021/04/severe-bugs-reported-in-ethernetip.html
A simple crafted packet would be all that's needed to exploit these issues.

A Ukrainian hacker—who worked as system administrator for the billion-dollar hacking group FIN7—has been sentenced to 10 years in U.S. prison.

https://thehackernews.com/2021/04/sysadmin-of-billion-dollar-hacking.html

XCSSET macOS malware campaign that targeted Xcode developers has been updated to include support for Apple's new M1 chips and expand its capabilities to steal from cryptocurrency apps.

Read: https://thehackernews.com/2021/04/malware-spreads-via-xcode-projects-now.html

In recent spear-phishing attacks, North Korean Lazarus APT hackers are now using BMP images to hide RAT malware.

Read: https://thehackernews.com/2021/04/lazarus-apt-hackers-are-now-using-bmp.html

Watch Out! Researchers have spotted a new set of fraudulent Android apps—with over 700,000 downloads—on the Google Play store that hijack SMS notifications for billing scams.

Check list here: https://thehackernews.com/2021/04/over-750000-users-download-new-billing.html

🔥 WARNING !!!

APT hackers are exploiting a new UNPATCHED 0-DAY critical authentication bypass vulnerability (CVE-2021-22893) in Pulse Connect Secure Gateway to breach organizations worldwide.
Details — https://thehackernews.com/2021/04/warning-hackers-exploit-unpatched-pulse.html
Temporary mitigations currently available.

0-DAY ALERT — Hackers have been exploiting 3 new flaws in #SonicWall Email Security appliances to penetrate corporate networks and "install a backdoor, access files and email, and move laterally on the victim's network."

Details: https://thehackernews.com/2021/04/3-zero-day-exploits-hit-sonicwall.html

⚡ Google Chrome users should UPDATE (90.0.4430.85 or above) their browsers immediately to fix a high-risk vulnerability for which no patch was available for a week after a PoC exploit was made public.

Read — https://thehackernews.com/2021/04/update-your-chrome-browser-immediately.html

REvil ransomware gang has compromised Apple supplier Quanta, and hackers are now threatening to leak stolen blueprints of future MacBooks if a $50 million ransom isn't paid.

Sample blueprints published. Read: https://thehackernews.com/2021/04/hackers-threaten-to-leak-stolen-apple.html

Cybercriminals are now using Telegram messenger to control ToxicEye malware deployed on infected computers remotely.

https://t.co/xiHchIw4gL

Researchers discover additional infrastructure used by the SolarWinds hackers, suggesting they carefully planned to avoid creating patterns that would make them easy to detect, intentionally complicating forensic analysis.

Read: https://t.co/iKORVVGUgG

During an incident response engagement, CISA discovers that a separate group of hackers used the SUPERNOVA malware to backdoor SolarWinds Orion after gaining access to the network through Pulse Secure VPN.

Read: https://thehackernews.com/2021/04/hackers-exploit-vpn-flaw-to-deploy.html

Watch Out! Prometei cryptocurrency botnet is now hunting for unpatched Microsoft Exchange servers and exploiting ProxyLogon flaws to infiltrate networks and install malware.

Read: https://thehackernews.com/2021/04/prometei-botnet-exploiting-unpatched.html

Cybercriminals exploited 3 new security vulnerabilities affecting QNAP network attached storage (NAS) devices in recent ransomware attacks.

Read details: https://thehackernews.com/2021/04/new-qnap-nas-flaws-exploited-in-recent.html
QNAP is also urging users to install the latest software updates to prevent these attacks.

In a recent supply chain cyberattack, Passwordstate password manager's software update was hijacked to install backdoors on the computers of thousands of users.

Read: https://thehackernews.com/2021/04/passwordstate-password-manager-update.html
All Passwordstate users should reset their saved passwords immediately.

A critical vulnerability in Homebrew Package Manager for macOS and Linux could have allowed hackers to execute arbitrary code on users' machines remotely.

https://thehackernews.com/2021/04/critical-rce-bug-found-in-homebrew.html

Researchers analyzed one of the largest password dumps, containing over 3.2 BILLION usernames and plain-text passwords, and discovered 1.5 MILLION records associated with emails linked to government domains around the world.

Read: https://thehackernews.com/2021/04/32-billion-leaked-passwords-contain-15.html

Today the Emotet malware destroys itself!

As planned by law enforcement agencies, all infected computers around the globe receive a payload that automatically removes the virus from victims' Windows systems.
Details: https://thehackernews.com/2021/04/emotet-malware-destroys-itself-today.html

An unpatched vulnerability in Apple's offline file-sharing technology in iPhone and Macbook could allow anyone nearby to discover your personal information.

Read details: https://thehackernews.com/2021/04/apple-airdrop-bug-could-leak-your.html