🚨 Urgent: Hackers are exploiting a high-severity flaw in the Elementor Pro plugin for WordPress, enabling them to take control of WooCommerce enabled sites. Update to version 3.11.7 or 3.12.0 immediately.

Learn more: https://thehackernews.com/2023/04/hackers-exploiting-wordpress-elementor.html

🚨 High-risk security flaws in Cacti, Realtek, and IBM Aspera Faspex are being exploited by hackers!

Details: https://thehackernews.com/2023/04/cacti-realtek-and-ibm-aspera-faspex.html

Update your systems ASAP to protect against MooBot and ShellBot attacks.

🚨 Microsoft patches Azure Active Directory misconfiguration issue, which exposed high-impact apps to unauthorized access and could have allowed attackers to modify Bing search results.

Learn more: https://thehackernews.com/2023/04/microsoft-fixes-new-azure-ad.html

Italy's data protection watchdog, Garante, temporarily bans OpenAI's ChatGPT, citing data protection concerns & potential violation of GDPR laws.

Learn more: https://thehackernews.com/2023/04/italian-watchdog-bans-openais-chatgpt.html

Despite the ban, apps using OpenAI's tech, such as Microsoft's Bing, are unaffected.

⚠️ Beware of OpcJacker! This stealthy malware is targeting users through fake websites, promising VPN services and more. Its main functions: keylogging, data theft, and crypto hijacking.

Learn more: https://thehackernews.com/2023/04/crypto-stealing-opcjacker-malware.html

⚠️ Western Digital discloses a network security breach involving unauthorized access to its systems on March 26, 2023.

Learn more: https://thehackernews.com/2023/04/western-digital-hit-by-network-security.html

Investigation underway with the help of cybersecurity experts and law enforcement.

A supply chain attack targeting 3CX has been linked to North Korea's Lazarus Group, with the second-stage implant (Gopuram) specifically singling out a select few cryptocurrency companies.

Learn more: https://thehackernews.com/2023/04/cryptocurrency-companies-targeted-in.html

🔒 Microsoft is taking action against malware abuse in OneNote by automatically blocking embedded files with "dangerous extensions".

Find the full list of 120 extensions here: https://thehackernews.com/2023/04/microsoft-tightens-onenote-security-by.html

🔥 Arid Viper, aka Mantis, linked to Hamas' cyber warfare division, updates its malware toolkit (ViperRat, FrozenCell, Micropsia) targeting Palestinian entities across Windows, Android, & iOS platforms!🛡️💻

Learn more: https://thehackernews.com/2023/04/arid-viper-hacking-group-using-upgraded.html

Beware of the new Rilide malware targeting Chromium-based browsers! This malicious extension steals sensitive data & siphons cryptocurrency while disguised as a legitimate Google Drive add-on.

Learn more: https://thehackernews.com/2023/04/new-rilide-malware-targeting-chromium.html

🚨 Cybersecurity researchers uncover a new, sophisticated 🔐 ransomware strain called Rorschach. With unprecedented speed & unique features, it's raising the bar for future attacks.

Learn more: https://thehackernews.com/2023/04/rorschach-ransomware-emerges-experts.html

🚨 Alert: Typhon Reborn V2, a new version of the information-stealing malware, has emerged with enhanced capabilities to evade detection and resist analysis.

Learn more: https://thehackernews.com/2023/04/typhon-reborn-stealer-malware.html

North Korean-backed threat actor ARCHIPELAGO targets South Korean & US government, military, and policy experts.

Learn more: https://thehackernews.com/2023/04/google-tag-warns-of-north-korean-linked.html

Researchers uncover a new attack technique involving malicious SFX files! These files can hide hidden functionality, enabling persistent backdoor access to victims' systems.

Learn more: https://thehackernews.com/2023/04/hackers-using-self-extracting-archives.html

SEO poisoning in action 🕷️!

Users searching for "WhatsApp Web" are lured to rogue domains hosting the CryptoClippy malware, which steals cryptocurrency by replacing wallet addresses during transactions.

Learn more: https://thehackernews.com/2023/04/cryptoclippy-new-clipper-malware.html

📱Attention, Android app developers! Google announces a new data deletion policy.

It now requires apps to provide users with easy in-app and online account deletion options. Devs must also disclose data retention practices.

Read: https://thehackernews.com/2023/04/google-mandates-android-apps-to-offer.html

An international law enforcement operation named Operation CookieMonster has taken down the notorious Genesis Market, an illegal online marketplace that sold stolen credentials.

Read: https://thehackernews.com/2023/04/fbi-cracks-down-on-genesis-market-119.html

The crackdown involved 17 countries and resulted in 119 arrests.

Supply Chain Attacks & Critical Infrastructure: Understanding the growing threat to a nation's security & economy.

Here's how CISA steps up to protect our digital crown jewels.

Read on👉 https://thehackernews.com/2023/04/supply-chain-attacks-and-critical.html

Telegram becoming a hub for cybercrime! Researchers find threat actors using the platform to sell phishing kits and set up campaigns.

Over 2.5 million malicious URLs generated using phishing kits on Telegram in the past 6 months!

Learn more: https://thehackernews.com/2023/04/researchers-uncover-thriving-phishing.html

Apple releases security updates for iOS, iPadOS, macOS, and Safari to address two zero-day flaws being actively exploited in the wild.

Learn more: https://thehackernews.com/2023/04/apple-releases-updates-to-address-zero.html

Get the latest version now!

Ransomware threat alert! 🔒🚨

U.S. cybersecurity agency has added 5 actively exploited flaws to its CVE catalog, including 3 impacting Veritas Backup Exec Agent software.

Details: https://thehackernews.com/2023/04/cisa-warns-of-5-actively-exploited.html

Apply patches now to secure your network against potential threats.