XCSSET macOS malware campaign that targeted Xcode developers has been updated to include support for Apple's new M1 chips and expand its capabilities to steal from cryptocurrency apps.

Read: https://thehackernews.com/2021/04/malware-spreads-via-xcode-projects-now.html

In recent spear-phishing attacks, North Korean Lazarus APT hackers are now using BMP images to hide RAT malware.

Read: https://thehackernews.com/2021/04/lazarus-apt-hackers-are-now-using-bmp.html

Watch Out! Researchers have spotted a new set of fraudulent Android apps—with over 700,000 downloads—on the Google Play store that hijack SMS notifications for billing scams.

Check list here: https://thehackernews.com/2021/04/over-750000-users-download-new-billing.html

🔥 WARNING !!!

APT hackers are exploiting a new UNPATCHED 0-DAY critical authentication bypass vulnerability (CVE-2021-22893) in Pulse Connect Secure Gateway to breach organizations worldwide.
Details — https://thehackernews.com/2021/04/warning-hackers-exploit-unpatched-pulse.html
Temporary mitigations currently available.

0-DAY ALERT — Hackers have been exploiting 3 new flaws in #SonicWall Email Security appliances to penetrate corporate networks and "install a backdoor, access files and email, and move laterally on the victim's network."

Details: https://thehackernews.com/2021/04/3-zero-day-exploits-hit-sonicwall.html

⚡ Google Chrome users should UPDATE (90.0.4430.85 or above) their browsers immediately to fix a high-risk vulnerability for which no patch was available for a week after a PoC exploit was made public.

Read — https://thehackernews.com/2021/04/update-your-chrome-browser-immediately.html

REvil ransomware gang has compromised Apple supplier Quanta, and hackers are now threatening to leak stolen blueprints of future MacBooks if a $50 million ransom isn't paid.

Sample blueprints published. Read: https://thehackernews.com/2021/04/hackers-threaten-to-leak-stolen-apple.html

Cybercriminals are now using Telegram messenger to control ToxicEye malware deployed on infected computers remotely.

https://t.co/xiHchIw4gL

Researchers discover additional infrastructure used by the SolarWinds hackers, suggesting they carefully planned to avoid creating patterns that would make them easy to detect, intentionally complicating forensic analysis.

Read: https://t.co/iKORVVGUgG

During an incident response engagement, CISA discovers that a separate group of hackers used the SUPERNOVA malware to backdoor SolarWinds Orion after gaining access to the network through Pulse Secure VPN.

Read: https://thehackernews.com/2021/04/hackers-exploit-vpn-flaw-to-deploy.html

Watch Out! Prometei cryptocurrency botnet is now hunting for unpatched Microsoft Exchange servers and exploiting ProxyLogon flaws to infiltrate networks and install malware.

Read: https://thehackernews.com/2021/04/prometei-botnet-exploiting-unpatched.html

Cybercriminals exploited 3 new security vulnerabilities affecting QNAP network attached storage (NAS) devices in recent ransomware attacks.

Read details: https://thehackernews.com/2021/04/new-qnap-nas-flaws-exploited-in-recent.html
QNAP is also urging users to install the latest software updates to prevent these attacks.

In a recent supply chain cyberattack, Passwordstate password manager's software update was hijacked to install backdoors on the computers of thousands of users.

Read: https://thehackernews.com/2021/04/passwordstate-password-manager-update.html
All Passwordstate users should reset their saved passwords immediately.

A critical vulnerability in Homebrew Package Manager for macOS and Linux could have allowed hackers to execute arbitrary code on users' machines remotely.

https://thehackernews.com/2021/04/critical-rce-bug-found-in-homebrew.html

Researchers analyzed one of the largest password dumps, containing over 3.2 BILLION usernames and plain-text passwords, and discovered 1.5 MILLION records associated with emails linked to government domains around the world.

Read: https://thehackernews.com/2021/04/32-billion-leaked-passwords-contain-15.html

Today the Emotet malware destroys itself!

As planned by law enforcement agencies, all infected computers around the globe receive a payload that automatically removes the virus from victims' Windows systems.
Details: https://thehackernews.com/2021/04/emotet-malware-destroys-itself-today.html

An unpatched vulnerability in Apple's offline file-sharing technology in iPhone and Macbook could allow anyone nearby to discover your personal information.

Read details: https://thehackernews.com/2021/04/apple-airdrop-bug-could-leak-your.html

Researchers from University of Minnesota apologized to #Linux Kernel Project maintainers for intentionally introducing insecure code, which led to the school being banned from further contributing to the open-source project.

Read: https://thehackernews.com/2021/04/minnesota-university-apologizes-for.html

FBI and U.S. CISA have released a new joint advisory to expose the tactics, techniques, and procedures (TTPs) used by Russian Intelligence hackers in cyberattacks against U.S. and foreign entities.

Read details: https://thehackernews.com/2021/04/fbi-cisa-uncover-tactics-employed-by.html

🔥 Watch Out! Hackers are exploiting a zero-day vulnerability flaw in Gatekeeper that permits unapproved software to run on Apple macbooks.

Read detail: https://thehackernews.com/2021/04/hackers-exploit-0-day-gatekeeper-flaw.html
Users are advised to install the latest updates to patch the issue.