A critical RCE vulnerability has been reported in the WordPress plugin Elementor Website Builder, with over five million active installations, which could allow attackers to take over unpatched websites.

Details: https://thehackernews.com/2022/04/critical-rce-flaw-reported-in-wordpress.html

Ukraine government has warned of a new wave of hacking campaigns that spread IcedID malware and exploit Zimbra exploits to steal sensitive information.

Details: https://thehackernews.com/2022/04/new-hacking-campaign-targeting.html

Cybersecurity researchers have uncovered a new version of the SolarMarker malware that packs in new enhancements to improve its ability to evade defenses and stay under the radar.

Read details: https://thehackernews.com/2022/04/new-solarmarker-malware-variant-using.html

Researchers provide a detailed technical analysis of the PYSA ransomware group primarily striking government, healthcare, and education sectors.

Read details: https://thehackernews.com/2022/04/researchers-share-in-depth-analysis-of.html

Github's security team has notified users/organizations whose private data was downloaded with stolen OAuth user tokens issued to two third-party OAuth integrators, Heroku and Travis-CI.

Details: https://thehackernews.com/2022/04/github-notifies-victims-whose-private.html

U.S. government has issued a new warning about North Korean state-sponsored hackers targeting blockchain companies, including cryptocurrency exchanges, DeFi protocols, trading firms, venture capital funds, and individuals holding NFTs.

Read: https://thehackernews.com/2022/04/fbi-us-treasury-and-cisa-warns-of-north.html

A previously unknown zero-click exploit for Apple's iMessage was used to install spyware from NSO Group and Candiru on 65 people as part of a "multi-year clandestine operation."

Read details: https://thehackernews.com/2022/04/experts-uncover-spyware-attacks-against.html

Researchers discover multiple UEFI firmware vulnerabilities in various Lenovo laptop models that allow malicious actors to install and execute firmware implants on the affected devices.

Read details: https://thehackernews.com/2022/04/new-lenovo-uefi-firmware.html

CISA has issued a new warning that hackers are exploiting a recently reported vulnerability in the Windows Print Spooler, as well as two other vulnerabilities in Zimbra and WhatsApp that are being exploited.

Read: https://thehackernews.com/2022/04/hackers-exploiting-recently-reported.html

Okta said it concluded its investigation into the breach of a third-party vendor by the LAPSUS$ extortionist gang in late January 2022 and determined only two customers were affected.

Read details: https://thehackernews.com/2022/04/okta-says-security-breach-by-lapsus.html

Researchers disclose details about a now-patched vulnerability in the Snort Intrusion Detection and Prevention System that could allow attackers to render it powerless against malicious traffic.

Read details: https://thehackernews.com/2022/04/researchers-detail-bug-that-could.html

Google Project Zero called 2021 a "record year for in-the-wild 0-days," as 58 security vulnerabilities were detected and disclosed during the course of the year.

Details: https://thehackernews.com/2022/04/google-project-zero-detects-record.html

Five Eyes nations have released a joint cybersecurity advisory warning of an increase in malicious attacks by Russian state-sponsored actors and criminal groups on critical infrastructure amid the ongoing military siege of #Ukraine.

Read: https://thehackernews.com/2022/04/five-eyes-nations-warn-of-russian-cyber.html

Researchers have published a new incident report revealing how hackers exploited "ProxyShell" vulnerabilities in Microsoft Exchange to encrypt companies' networks with Hive ransomware.

Read details: https://thehackernews.com/2022/04/new-incident-report-reveals-how-hive.html

Researchers have found three vulnerabilities in the audio decoders of Qualcomm and MediaTek Android mobile chips that, if exploited, could allow hackers to remotely access media and audio conversations on affected devices.

Read: https://thehackernews.com/2022/04/critical-chipset-bug-opens-millions-of.html

A new unpatched vulnerability has been disclosed in the RainLoop webmail client that could allow hackers to remotely access the victim's inbox by sending a specially crafted email.

Read details: https://thehackernews.com/2022/04/unpatched-bug-in-rainloop-webmail-could.html

Cisco has released security updates to address three high-severity vulnerabilities in its TelePresence, RoomOS and Umbrella VA products that could be exploited to conduct DoS attacks and take control of affected systems.

Read: https://thehackernews.com/2022/04/cisco-releases-security-patches-for.html

QNAP has issued a notice recommending users update firmware for network-attached storage (NAS) appliances to fix two vulnerabilities affecting the Apache HTTP component.

Read: https://thehackernews.com/2022/04/qnap-advises-users-to-update-nas.html

Cybersecurity researchers warn of LemonDuck cryptocurrency mining botnet targeting Docker and TeamTNT hacker group attacking #Kubernetes and public cloud providers to mine cryptocurrencies.

Read details: https://thehackernews.com/2022/04/watch-out-cryptocurrency-miners.html

A critical authentication bypass vulnerability (CVE-2022-0540 and CVSS 9.9) has been discovered in Seraph affecting #Atlassian Jira and Jira Service Management.

Read details: https://thehackernews.com/2022/04/atlassian-drops-patches-for-critical.html

T-Mobile admits that the Lapsus$ hackers gained access to the company's internal tools and source code in March prior to the arrest of its seven members.

Read details: https://thehackernews.com/2022/04/t-mobile-admits-lapsus-hackers-gained.html