U.S. cybersecurity agency CISA has included the recently disclosed Remote Code Execution (RCE) vulnerability affecting Spring Framework in its Known Exploited Vulnerabilities Catalog based on "evidence of active exploitation."

Details: https://thehackernews.com/2022/04/cisa-warns-of-active-exploitation-of.html

Email marketing service Mailchimp was hacked and customers' accounts were accessed to carry out phishing attacks, including users of cryptocurrency wallet company Trezor.

Read details: https://thehackernews.com/2022/04/hackers-breach-mailchimp-email.html

Researchers have linked widespread cyberespionage attacks to a Chinese hacker group called Cicada that has been attacking organizations around the world, including government, legal, religious, and NGOs.

Details: https://thehackernews.com/2022/04/researchers-trace-widespread-espionage.html

⚡German authorities shut down Russian Hydra DarkNet market and seized $25 million in Bitcoin.

Read: https://thehackernews.com/2022/04/germany-shuts-down-russian-hydra.html

According to reports, there were around 17 million customers and over 19,000 seller accounts registered on the marketplace.

Cybercrime group FIN7 has started to collaborate with several ransomware groups and has diversified its initial access vectors to compromise the software supply chain and use stolen credentials.

Read: https://thehackernews.com/2022/04/fin7-hackers-leveraging-password-reuse.html

The U.S. Treasury Department imposed sanctions on Hydra on Tuesday, the same day German law enforcement authorities disrupted the world's largest dark web marketplace as part of a coordinated operation in cooperation with U.S. authorities.

Read: https://thehackernews.com/2022/04/us-treasury-department-sanctions-russia.html

Block admits a data breach involving a former employee who accessed Cash App U.S. customers' information.

Read details: https://thehackernews.com/2022/04/block-admits-data-breach-involving-cash.html

Ukraine warns of a new wave of cyberattacks aimed at hacking users' Telegram messenger accounts, and also attributed another social engineering campaign to Russia-based #hacking group Armageddon with ties to the FSB.

Details: https://thehackernews.com/2022/04/ukraine-warns-of-cyber-attack-aiming-to.html

Watch out!!! Hackers spread malicious Android apps under the guise of seemingly harmless shopping apps to target customers of eight Malaysian banks.

Read details: https://thehackernews.com/2022/04/hackers-distributing-fake-shopping-apps.html

VMware releases critical patches for several products affected by a new set of vulnerabilities (CVE-2022-22954 to CVE-2022-22961), some of which could be exploited for RCE attacks.

Read details: https://thehackernews.com/2022/04/vmware-releases-critical-patches-for.html

Cybersecurity researchers have uncovered a "simple but efficient" persistence mechanism used by a relatively nascent malware loader called Colibri.

Read details: https://thehackernews.com/2022/04/researchers-uncover-how-colibri-malware.html

SharkBot banking trojan has resurfaced on the Google Play Store, disguised as antivirus apps installed by thousands of Android users.

Read: https://thehackernews.com/2022/04/sharkbot-banking-trojan-resurfaces-on.html

Researchers uncover details of a Hamas-linked hacking campaign targeting a group of high-level Israeli targets working for sensitive defense, law enforcement and emergency services organizations.

Details: https://thehackernews.com/2022/04/hamas-linked-hackers-targeting-high.html

Researchers have discovered what is believed to be the first malware targeting Amazon Web Services' (AWS) serverless platform Lambda.

Read details: https://thehackernews.com/2022/04/first-malware-targeting-aws-lambda.html

A number of malicious Android apps on the Google Play Store have infected the devices of thousands of users with Octo banking trojan that targets banks and other financial institutions.

Read details: https://thehackernews.com/2022/04/new-octo-banking-trojan-spreading-via.html

Microsoft has obtained a court order to take control of 7 domains used by the state-sponsored Russian hacking group APT28 to neutralize its attacks on Ukraine.

Read details: https://thehackernews.com/2022/04/microsoft-obtains-court-order-to-take.html

Ukrainian national who was part of the FIN7 hacking group has been sentenced to five years in prison for compromising tens of millions of debit and credit cards.

https://thehackernews.com/2022/04/ukrainian-fin7-hacker-gets-5-year.html

Researchers have uncovered further links between the BlackCat (aka AlphaV) and BlackMatter ransomware families.

Read details: https://thehackernews.com/2022/04/researchers-connect-blackcat-ransomware.html

Researchers have traced cyberattacks on Indian power grid organizations to a state-sponsored hacking group in China.

Read details: https://thehackernews.com/2022/04/chinese-hacker-groups-continue-to.html

Hackers are exploiting recently disclosed critical Spring4Shell vulnerability to execute the Mirai botnet.

Read details: https://thehackernews.com/2022/04/hackers-exploiting-spring4shell.html

“The second Tuesday of every month will be 'just another Tuesday.”

Microsoft to launch a new feature with the release of Windows 10/11 Enterprise E3 — called Autopatch — to help companies automatically keep their systems up-to-date.

Details: https://thehackernews.com/2022/04/microsofts-new-autopatch-feature-to.html