CISA has added two-year-old vulnerabilities in TIBCO Software's JasperReports product to its KEV catalog after discovering evidence of active exploitation by cybercriminals.

Read: https://thehackernews.com/2022/12/cisa-warns-of-active-exploitation-of.html

Google has agreed to pay $29.5 million to settle lawsuits brought by Indiana and Washington, D.C. over its "deceptive" location tracking practices.

Read: https://thehackernews.com/2023/01/google-to-pay-295-million-to-settle.html

A new strain of Linux malware is targeting WordPress sites, taking advantage of vulnerabilities in various plugins and themes to infiltrate and compromise vulnerable systems.

Read: https://thehackernews.com/2023/01/wordpress-security-alert-new-linux.html

PyTorch, a machine learning framework project, fell victim to a supply chain attack between Dec. 25 and Dec.30, 2022, involving a malicious dependency that affected users who downloaded the affected versions.

Read: https://thehackernews.com/2023/01/pytorch-machine-learning-framework.html

Chinese international students in the U.K. have been facing persistent scams for over a year by Chinese-speaking fraudsters belonging to a group called RedZei (also known as RedThief).

Read: https://thehackernews.com/2023/01/redzei-chinese-scammers-targeting.html

Raspberry Robin worm is targeting financial and insurance sectors in Europe, and has evolved its post-exploitation capabilities to resist analysis and collect more data from infected computers.

Read: https://thehackernews.com/2023/01/raspberry-robin-worm-evolves-to-attack.html

Attention: A new malware campaign has been detected using sensitive information stolen from a bank to trick people into downloading a remote access trojan called BitRAT.

Read: https://thehackernews.com/2023/01/hackers-using-stolen-bank-information.html

Synology has released security updates to address a critical RCE vulnerability (CVE-2022-43931) impacting VPN Plus Server that could be exploited to take over affected systems.

Read: https://thehackernews.com/2023/01/synology-releases-patch-for-critical.html

Attention Linux users! There is a new malware that has been created using the Shell Script Compiler (shc) and it is deploying a cryptocurrency miner on infected systems.

Read: https://thehackernews.com/2023/01/new-shc-based-linux-malware-targeting.html

Irish regulators have fined Meta a hefty $414 million for violating data protection laws by forcing Facebook and Instagram users to accept targeted ads.

Read: https://thehackernews.com/2023/01/irish-regulators-fine-facebook-414.html

Fortinet has identified a high-severity flaw in multiple versions of FortiADC.

Zoho also warns of an SQLi vulnerability affecting Access Manager Plus, PAM360 and Password Manager Pro.

Read details: https://thehackernews.com/2023/01/fortinet-and-zoho-urge-customers-to.html

Don't let Vidar malware take control of your device.

This sneaky stealer now uses throwaway accounts on social media platforms to retrieve the address of its C2 servers and steal information from compromised hosts.

Details: https://thehackernews.com/2023/01/the-evolving-tactics-of-vidar-stealer.html

A new feature-rich version of SpyNote Android spyware has been detected targeting financial institutions, including HSBC UK, Deutsche Bank, Kotak Mahindra Bank and Nubank.

Read: https://thehackernews.com/2023/01/spynote-strikes-again-android-spyware.html

Alert: Bluebottle cybercrime group linked to targeted attacks on financial sector in French-speaking African countries.

Read: https://thehackernews.com/2023/01/bluebottle-cybercrime-group-preys-on.html

Symantec reports the group uses living-off-the-land & dual use tools, with no custom malware.

Alert: Financially motivated threat actor "Blind Eagle" has resurfaced with new tools and infection chain targeting organizations in Colombia and Ecuador.

Read: https://thehackernews.com/2023/01/blind-eagle-hackers-return-with-refined.html

Stay connected no matter what!

WhatsApp has announced support for proxy servers on Android and iOS, allowing users to bypass censorship and Internet shutdowns.

Read: https://thehackernews.com/2023/01/whatsapp-introduces-proxy-support-to.html

Rackspace confirmed that the Play ransomware gang was responsible for last month's breach. The attack used a zero-day exploit related to CVE-2022-41080 to gain initial access to the company's email environment.

Read: https://thehackernews.com/2023/01/rackspace-confirms-play-ransomware-gang.html

Notorious banking malware Dridex has reportedly adapted to attack Apple's macOS operating system with a new, previously unseen infection method.

Read: https://thehackernews.com/2023/01/dridex-malware-now-attacking-macos.html

Russian cyberespionage group Turla has been using decade-old ANDROMEDA malware's attack infrastructure to deliver its own custom reconnaissance and backdoor (KOPILUWAK and QUIETCANARY) tools to Ukraine.

Read details: https://thehackernews.com/2023/01/russian-turla-hackers-hijack-decade-old.html

Heads up! Malicious Visual Studio code extensions are being distributed by hackers to launch supply chain attacks against software developers.

Read: https://thehackernews.com/2023/01/hackers-distributing-malicious-visual.html

Stay alert, developers!

6 new malicious Python packages distributed via PyPI deploying info stealers and use Cloudflare tunnels to sneak through firewalls.

Read: https://thehackernews.com/2023/01/malicious-pypi-packages-using.html