Beware! A critical security flaw (CVE-2023-28121) in the WooCommerce Payments #WordPress plugin is currently being actively exploited by threat actors.

In addition to this, Rapid7 has also discovered ongoing exploitation of Adobe ColdFusion flaws (including CVE-2023-29298), resulting in web shell deployments.

Read details here: https://thehackernews.com/2023/07/cybercriminals-exploiting-woocommerce.html

Conor Brian Fitzpatrick, the owner of BreachForums, pleads guilty to charges related to operating a cybercrime forum and possessing child pornography—faces up to 40 years in jail and $750,000 in fines.

Read: https://thehackernews.com/2023/07/owner-of-breachforums-pleads-guilty-to.html

FIN8, notorious financially motivated hacker group, has adopted a revamped version of the Sardonic backdoor to deliver the BlackCat ransomware.

Learn more: https://thehackernews.com/2023/07/fin8-group-using-modified-sardonic.html

Attention VirusTotal users!

A database containing 5,600 customers' details has been exposed, including government agencies like the FBI, NSA, and more.

Learn more: https://thehackernews.com/2023/07/virustotal-data-leak-exposes-some.html

A sophisticated threat actor is targeting Pakistan government entities through a trojanized version of the E-Office application.

Read details: https://thehackernews.com/2023/07/pakistani-entities-targeted-in.html

ALERT: Critical security flaw in Citrix NetScaler ADC and Gateway being actively exploited! CVE-2023-3519 allows unauthenticated remote code execution.

Read: https://thehackernews.com/2023/07/zero-day-attacks-exploited-critical.html

🚨 U.S. government puts Cytrox and Intellexa, foreign commercial spyware vendors, on an economic blocklist for their potential misuse of surveillance tools.

Read details here: https://thehackernews.com/2023/07/us-government-blacklists-cytrox-and.html

🔒 Cybersecurity researchers have discovered a privilege escalation vulnerability, dubbed Bad Build, in Google Cloud. Attackers could tamper with app images and infect users, leading to supply chain attacks.

Read: https://thehackernews.com/2023/07/badbuild-flaw-in-google-cloud-build.html

APT41, a China-linked nation-state actor, has been linked to two newAndroid spyware strains, WyrmSpy and DragonEgg.

Read: https://thehackernews.com/2023/07/chinese-apt41-hackers-target-mobile.html

Dark web investigations rely on techniques like OSINT to uncover identities and track down cybercriminals.

Explore the various techniques used to identify the individuals behind these sites and personas.

Read: https://thehackernews.com/2023/07/exploring-dark-side-osint-tools-and.html

U.S. cybersecurity agencies issue recommendations to strengthen security in 5G network slicing. Find out how to ensure confidentiality, integrity, and availability of network services.

Read details: https://thehackernews.com/2023/07/cisa-and-nsa-issue-new-guidance-to.html

ColdFusion users, beware! Adobe has released new updates to fix a critical security flaw (CVE-2023-38205) that's actively being exploited in the wild.

Read: https://thehackernews.com/2023/07/adobe-rolls-out-new-patches-for.html

Make sure to update your installations to stay protected.

To address evolving nation-state cyber threats, Microsoft announces the inclusion of detailed logs of email access and more log data types for customers at no additional cost.

Read details: https://thehackernews.com/2023/07/microsoft-expands-cloud-logging-to.html

Cybersecurity researchers are warning about a new cloud-targeting, peer-to-peer worm called P2PInfect. It exploits vulnerable Redis instances running on Linux and Windows OS, making it highly scalable.

Read more: https://thehackernews.com/2023/07/new-p2pinfect-worm-targeting-redis.html

North Korean state-sponsored groups suspected in the recent supply chain attack on JumpCloud! They used the breach to target cryptocurrency firms, aiming to generate illegal revenues.

Learn more: https://thehackernews.com/2023/07/north-korean-state-sponsored-hackers.html

Multiple critical flaws in Apache OpenMeetings, a web conferencing solution, exposed admin accounts to control and malicious code execution.

✅ CVE-2023-28936
✅ CVE-2023-29032
✅ CVE-2023-29246

Read details: https://thehackernews.com/2023/07/apache-openmeetings-web-conferencing.html

Mallox ransomware surges 174% in 2023, employing double extortion tactics by stealing data before encryption.

Read: https://thehackernews.com/2023/07/mallox-ransomware-exploits-weak-ms-sql.html

Targeting manufacturing, legal services, and retail sectors, they exploit vulnerable MS-SQL servers as a primary penetration vector.

⚠️ Alert! New security flaws in AMI MegaRAC BMC software have been disclosed, putting vulnerable servers at risk. Attackers could remotely take control and deploy malware.

Details here: https://thehackernews.com/2023/07/critical-flaws-in-ami-megarac-bmc.html

U.S. cybersecurity agency warns of a critical flaw (CVE-2023-3519) in Citrix NetScaler ADC and Gateway devices being exploited by hackers to drop web shells on vulnerable systems.

Learn more: https://thehackernews.com/2023/07/citrix-netscaler-adc-and-gateway.html

DDoS botnets are exploiting the CVE-2023-28771 vulnerability in Zyxel devices to gain remote control and launch devastating attacks.

Learn more: https://thehackernews.com/2023/07/ddos-botnets-hijacking-zyxel-devices-to.html

DDoS botnets are exploiting the CVE-2023-28771 vulnerability in Zyxel devices to gain remote control and launch devastating attacks.

Learn more: https://thehackernews.com/2023/07/ddos-botnets-hijacking-zyxel-devices-to.html