🚨 Attention online shoppers! Beware of the insidious Magecart-style web skimmer campaign sweeping across e-commerce websites! Cybercriminals are exploiting trusted sites to host skimmer code, taking advantage of their good reputation.

Read: https://thehackernews.com/2023/06/magento-woocommerce-wordpress-and.html

Microsoft tracks threat actor Lace Tempest's ongoing exploitation of a critical flaw in Progress Software MOVEit Transfer. The flaw enables hackers to authenticate as any user, leading to data exfiltration.

Learn more: https://thehackernews.com/2023/06/microsoft-lace-tempest-hackers-behind.html

Attention network administrators! Zyxel firewalls under attack!

Act now to prevent a potential DoS attack and remote code execution. Check if your devices are affected and apply the latest patches immediately.

Details: https://thehackernews.com/2023/06/zyxel-firewalls-under-attack-urgent.html

Watch out for SMS phishing scams! PostalFurious, a Chinese-speaking gang, is masquerading as postal services to trick users in the U.A.E.

Learn more: https://thehackernews.com/2023/06/chinese-postalfurious-gang-strikes-uae.html

Cyclops ransomware gang, a stealthy menace targeting Windows, macOS, and Linux, is now offering threat actors an information-stealing malware that captures sensitive data and uploads it to a remote server.

Learn more: https://thehackernews.com/2023/06/cyclops-ransomware-gang-offers-go-based.html

🚨 Heads up, Chrome users! Google has released a security update to fix a new high-severity zero-day vulnerability in its web browser that is being actively exploited by hackers in the wild.

Update your browsers now: https://thehackernews.com/2023/06/zero-day-alert-google-issues-patch-for.html

🚨 Beware Android users! Over 60,000 adware apps have been lurking in the shadows, disguising as cracked versions of your favorite apps. Don't fall for the trap!

Learn more: https://thehackernews.com/2023/06/over-60k-adware-apps-posing-as-cracked.html

The first quarter of 2023 showed a significant increase in Cy-X victims. The reason for this could be linked to the ongoing war in Ukraine.

Join us on Thursday 8th June at 14:00 BST / 15:00 CEST, while we uncover the key learnings, trends, patterns, and threat actors from this unique data set.

https://thn.news/f7SHwKEB

Attention crypto users! Find out how cybercriminals are using the Satacom downloader to steal cryptocurrency through Chromium-based browsers.

Read more: https://thehackernews.com/2023/06/new-malware-campaign-leveraging-satacom.html

PowerDrop, the malware designed to fly under the radar, is targeting the U.S. aerospace industry. Learn how it leverages ICMP messages and WMI services to compromise networks undetected.

Learn more: https://thehackernews.com/2023/06/new-powerdrop-malware-targeting-us.html

Attention parents and gamers! Microsoft settles FTC charges for $20 million over unauthorized collection of children's data on Xbox.

Find out what steps are being taken to protect young players: https://thehackernews.com/2023/06/microsoft-to-pay-20-million-penalty-for.html

Barracuda customers, take note! If you've been affected by the zero-day flaw (CVE-2023-2868) in their Email Security Gateway appliances, it's time to replace them ASAP!

Learn more: https://thehackernews.com/2023/06/barracuda-urges-immediate-replacement.html

North Korean hacking group Kimsuky targets think tanks, academia, and news media in a sophisticated social engineering campaign to steal Google credentials and gather strategic intelligence.

Read details here: https://thehackernews.com/2023/06/kimsuky-targets-think-tanks-and-news.html

Double Trouble! Cisco Expressway Series/VCS and VMware Aria Operations for Networks need immediate patching to mitigate risks of remote code execution and privilege escalation.

Read: https://thehackernews.com/2023/06/urgent-security-updates-cisco-and.html

Don't wait for an attack—act now to protect your data!

Worried about API security breaches? Find out how API posture management can help you proactively identify and remediate security issues before they're exploited.

Learn more: https://thehackernews.com/2023/06/how-to-improve-your-api-security-posture.html

🚨 A new research report has revealed that the notorious Clop ransomware group has likely been silently exploiting the recently disclosed critical MOVEit Transfer application vulnerability (CVE-2023-34362) since 2021.

Details: https://thehackernews.com/2023/06/clop-ransomware-gang-likely-exploiting.html

Beware of Stealth Soldier! The latest mysterious surveillance tool infiltrating North Africa, equipped with file exfiltration, keystroke logging, and screen recording capabilities.

Read details: https://thehackernews.com/2023/06/stealth-soldier-new-custom-backdoor.html

Stay vigilant against this emerging threat.

Asylum Ambuscade: Elusive threat actor bridging cybercrime and cyber espionage, targeting banks, cryptocurrency traders, and government entities.

Learn more about their tactics and wide-reaching impact: https://thehackernews.com/2023/06/asylum-ambuscade-cybercrime-group-with.html

Microsoft uncovers complex AitM phishing and BEC attacks targeting banks and financial services.

Discover the anatomy of these attacks, from spoofed sign-in pages to session cookie theft, & learn how cybercriminals carry out financial fraud.

https://thehackernews.com/2023/06/microsoft-uncovers-banking-aitm.html

Educating people about cybersecurity isn't enough. It's time to integrate security solutions like access management to minimize human-related risk.

Find out why in this latest blog post: https://thehackernews.com/2023/06/5-reasons-why-access-management-is-key.html

🚨 Attention! Multiple new SQL injection vulnerabilities discovered in MOVEit Transfer, posing a risk of unauthorized access to the database.

Details: https://thehackernews.com/2023/06/new-critical-moveit-transfer-sql.html

Upgrade to the latest versions to protect sensitive information.