Researchers uncover critical security flaws in the popular Chinese language input app, Tencent's Sogou Input Method, putting over 455 million monthly users at risk.

Details 👉 https://thehackernews.com/2023/08/encryption-flaws-in-popular-chinese.html

New Threat Alert: Malicious actors are leveraging the legitimate Rust-based injector Freeze[.]rs to deploy the XWorm malware in targeted environments.

https://thehackernews.com/2023/08/new-attack-alert-freezers-injector.html

🚨 New attack vector alert! Attackers leveraging Microsoft Cross-Tenant Synchronization for lateral movement & persistence.

Learn how Vectra AI reveals insights on this technique and helps defenders stay ahead.

Read the full article: https://thehackernews.com/2023/08/emerging-attacker-exploit-microsoft.html

Researchers uncover Statc Stealer, a dangerous malware targeting Windows devices. It steals login data, cookies, cryptocurency wallets, and sensitive information.

Find out more in this: https://thehackernews.com/2023/08/new-statc-stealer-malware-emerges-your.html

⚠️ CISA has added a high-severity security flaw (CVE-2023-38180) in Microsoft's .NET and Visual Studio to its Known Exploited Vulnerabilities catalog.

For more details, check out: https://thehackernews.com/2023/08/cisa-adds-microsoft-net-vulnerability.html

🚨A series of 15 high-severity vulnerabilities dubbed CoDe16 have been uncovered in CODESYS V3 SDK, posing RCE and DoS risks to Operational Technology (OT) environments.

Find out more about these: https://thehackernews.com/2023/08/15-new-codesys-sdk-flaws-expose-ot.html

Russian threat actors suspected in cyberattack on South African power company using a new variant of the SystemBC #malware called DroxiDat.

Read details here: https://thehackernews.com/2023/08/new-systembc-malware-variant-targets.html

APT31 has been linked to the use of sophisticated backdoors that are capable of stealing sensitive data, even from air-gapped systems.

To learn more about their cyber espionage tactics, visit: https://thehackernews.com/2023/08/researchers-shed-light-on-apt31s.html

🔑🔒 Google Chrome 116 add support for quantum-resistant encryption algorithms to encrypt TLS connections.

Learn more about X25519Kyber768: https://thehackernews.com/2023/08/enhancing-tls-security-google-adds.html

Decade-Long Cyber Espionage Operation!

MoustachedBouncer targets foreign embassies in Belarus. Discover how this skilled group employs AitM attacks and advanced tools.

Read: https://thehackernews.com/2023/08/researchers-uncover-decade-long-cyber.html

🚨 Critical Python URL parsing flaw (CVE-2023-24329) discovered! Allows domain filter bypass, enabling file reads & command execution.

Find details here: https://thehackernews.com/2023/08/new-python-url-parsing-flaw-enables.html

European and U.S. agencies bust cybercrime hub!

Lolek Hosted, a bulletproof hosting service aiding cyber-attacks and malware distribution, dismantled.

Admins arrested, servers seized.

Read: https://thehackernews.com/2023/08/lolek-bulletproof-hosting-servers.html

AudioCodes desk phones and Zoom's Zero Touch Provisioning (ZTP) vulnerabilities exposed!

Eavesdrop, infiltrate networks, or even forge botnets.

Read how vulnerabilities are exploited: https://thehackernews.com/2023/08/zoom-ztp-audiocodes-phones-flaws.html

⚡ Don't flip the switch!

Major security vulnerabilities have been uncovered in CyberPower and Dataprobe systems. Hackers could potentially exploit these flaws to carry out mass shutdowns and launch devastating attacks.

Read: https://thehackernews.com/2023/08/multiple-flaws-in-cyberpower-and.html

💪🔐 A new era of data protection begins in India!

President approves the Digital Personal Data Protection Bill, reinforcing the importance of lawful data processing while respecting personal privacy.

Read details: https://thehackernews.com/2023/08/india-passes-new-digital-personal-data.html

A new financial malware named JanelaRAT is making waves in Latin America. This threat captures sensitive data from compromised Windows systems, targeting financial and cryptocurrency info.

Read deatils: https://thehackernews.com/2023/08/new-financial-malware-janelarat-targets.html

E-commerce sites using Adobe's Magento 2 software are under attack. Ongoing campaign called Xurum exploits critical flaw CVE-2022-24086, putting businesses at risk.

Read: https://thehackernews.com/2023/08/ongoing-xurum-attacks-on-e-commerce.html

New threat: QwixxRAT, a potent remote access trojan, is for sale on Telegram and Discord.

Learn how this malware steals data from Windows machines, giving hackers unauthorized access!

Read: https://thehackernews.com/2023/08/qwixxrat-new-remote-access-trojan.html

📦 Developers, beware! Nine npm packages uploaded between Aug 9-12, 2023 have caught the attention of security experts, revealing similarities to a previous North Korean-linked campaign.

Read details: https://thehackernews.com/2023/08/north-korean-hackers-suspected-in-new.html

🔥 Hackers unknowingly fall victim to their own schemes.

Over 120,000 computers compromised via info stealers have ties to users of cybercrime forums. Accidental infections could expose cybercriminals' identities.

Read details here: https://thehackernews.com/2023/08/over-12000-computers-compromised-by.html

🚨 Attention Android Users!

Gigabud RAT, a powerful banking malware, is targeting multiple countries, including Thailand, Indonesia, and the Philippines.

Secret weapon? A delayed attack tactic evading traditional defenses.

More info: https://thehackernews.com/2023/08/gigabud-rat-android-banking-malware.html