Here is a list of the top 30 most commonly exploited critical security vulnerabilities that hackers weaponize against broad target sets, including public and private sector organizations worldwide.

Read details: https://thehackernews.com/2021/07/top-30-critical-security.html

Vultur — a new Android remote access trojan — uses smartphone's screen recording feature to spy on its victims and steal their banking credentials.

Details: https://thehackernews.com/2021/07/new-android-malware-uses-vnc-to-spy-and.html

Two new ransomware gangs — Haron and BlackMatter — have appeared on cybercrime forums, with one professing to be a successor to DarkSide and REvil, infamous syndicates that went off the grid following major attacks on Colonial Pipeline and Kaseya.

https://thehackernews.com/2021/07/new-ransomware-gangs-haron-and.html

Hackers are using a decoy document titled "Crimea Manifesto" to infect target computers with a fully-featured VBA malware.

Details: https://thehackernews.com/2021/07/hackers-exploit-microsoft-browser-bug.html

It uses two attack vectors—malicious macros and an IE browser exploit—aiming to increase the chances of infection.

Microsoft has issued a warning about an ongoing malicious campaign employs uses fake call centers to trick users into downloading BazaLoader malware that can sniff data and install ransomware.

Read details: https://thehackernews.com/2021/07/phony-call-centers-tricking-users-into.html

A recent cyberattack that disrupted Iran's railway system and the ministry of transportation was caused by a never-before-seen reusable wiper malware called "Meteor."



Details: https://thehackernews.com/2021/07/a-new-wiper-malware-was-behind-recent.html

Researchers have discovered several malicious Python libraries hosted on the PyPI repository that aim to steal credit cards and inject code.

Read details: https://thehackernews.com/2021/07/several-malicious-typosquatted-python.html

Researchers reveal 30 new command-and-controlled servers belonging to the Russian hacking group APT29, which is currently delivering WellMess #malware as part of ongoing attacks against Windows and Linux systems.

Read details: https://thehackernews.com/2021/07/experts-uncover-several-c-servers.html

Solarmarker, a highly modular and constantly evolving information-stealing and keylogging malware, is once again on the rise, targeting #healthcare and education sectors.

Details: https://thehackernews.com/2021/08/solarmarker-infostealer-malware-once.html

A critical vulnerability in Python Package Index (PyPI) platform could have given attackers complete control over the official software repository, spawning supply-chain attacks.

Details: https://thehackernews.com/2021/08/pypi-python-package-repository-patches.html

A new APT hacker group, known as "Praying Mantis," is targeting high-profile public and private organizations in the U.S. by exploiting Microsoft IIS servers with ASP .net exploits to penetrate their networks.

Read: https://thehackernews.com/2021/08/new-apt-hacking-group-targets-microsoft.html

9 newly discovered vulnerabilities—dubbed PwnedPiper—leave a widely used Pneumatic Tube System (PTS) vulnerable to critical cyberattacks.

https://thehackernews.com/2021/08/pwnedpiper-pts-security-flaws-threaten.html

Affected systems are installed in 80% of major hospitals in the U.S. & in no fewer than 3,000 hospitals worldwide.

Chinese state hackers launched a series of cyberattacks against at least 5 major Southeast Asian telecom companies, researchers find.

Read details: https://thehackernews.com/2021/08/chinese-hackers-target-major-southeast.html

⚡ Critical vulnerabilities disclosed in "NicheStack" TCP/IP stack, used in millions of Operational Technology (OT) from more than 200 manufacturers & deployed in power generation, water treatment and critical infrastructure sectors.

Read: https://thehackernews.com/2021/08/critical-flaws-affect-embedded-tcpip.html

Researchers discover China APT31's new #spyware used in widespread cyber espionage attacks.

Details: https://thehackernews.com/2021/08/new-chinese-spyware-being-used-in.html

The group is linked to a series of cyberattacks targeting Mongolia, Russia, Belarus, Canada, and the U.S.

Researchers uncover "Webdav-O," malware used by Chinese state-sponsored hackers to target Russian federal executive agencies in 2020.

Read: https://thehackernews.com/2021/08/russian-federal-agencies-were-attacked.html

Several active #malware families targeting Windows IIS web servers with malicious modules.

Read: https://thehackernews.com/2021/08/several-malware-families-targeting-iis.html

Such backdoors were also deployed via the recent Microsoft Exchange vulnerability, with government entities among the main targets.

Cisco rolls out security patches to address critical vulnerabilities impacting Small Business VPN routers that could allow remote attackers to execute arbitrary code and launch DoS attacks.

Details: https://thehackernews.com/2021/08/cisco-issues-critical-security-patches.html

Beseechers uncovers 5 unpatched flaws in Mitsubishi Safety PLCs that could leave several industries vulnerable to remote attacks.

Read: https://thehackernews.com/2021/08/unpatched-security-flaws-expose.html

CISA warns -- "there are risks of communication data eavesdropping/ tampering, unauthorized operation and DoS attacks"

Several cybercriminal groups are leveraging Prometheus TDS malware-as-a-service (MaaS) solution to distribute a wide range of backdoors, including Campo Loader, Hancitor, IcedID, QBot, Buer Loader, and SocGholish.

Read: https://thehackernews.com/2021/08/a-wide-range-of-cyber-attacks.html

VMware has released security updates for several products to address a critical vulnerability that could be exploited to gain access to confidential information.

— Workspace One Access
— Identity Manager
— Cloud Foundation
— vRealize Automation

Details: https://thehackernews.com/2021/08/vmware-issues-patches-to-fix-critical.html