Researchers demonstrated how attackers could upload data from non-internet-connected devices by taking advantage of the Find My Network feature in nearby Apple devices.

Read details: https://thehackernews.com/2021/05/apples-find-my-network-can-be-abused-to.html

Watch Out, Users! Bizarro banking malware has now been targeting over 70 banks in Europe and South America.

Read: https://thehackernews.com/2021/05/70-european-and-south-american-banks.html

Over 150 vulnerabilities have been discovered in 58 popular Android stalkerware apps, allowing others to take control of them and put victims' security and privacy at even greater risk.

Read: https://thehackernews.com/2021/05/experts-reveal-over-150-ways-to-steal.html

A new report uncovers how Apple gave the Chinese government access to its users' iCloud data and also allegedly censored several apps.

Read details: https://thehackernews.com/2021/05/how-apple-gave-chinese-government.html

🔥 AWESOME!!!

Google Chrome browser to offer users a new feature allowing them to identify and reset their compromised passwords for various websites with just one-click.
Read details: https://thehackernews.com/2021/05/a-simple-1-click-compromised-password.html

Mozilla has begun rolling out 'Site Isolation' security feature for its Firefox browser in nightly and beta channels that aims to protect users against a new class of attacks from malicious sites.

Read details: https://thehackernews.com/2021/05/mozilla-begins-rolling-out-site.html

Cybercriminals behind the DarkSide ransomware attacks extorted nearly $90 million in ransom from multiple victims in 9 months.

Read: https://thehackernews.com/2021/05/darkside-ransomware-gang-extorted-90.html

Google has released Android security updates, including patches for 4 zero-day vulnerabilities affecting Arm and Qualcomm components that have been exploited in the wild.

Details: https://thehackernews.com/2021/05/android-issues-patches-for-4-new-zero.html

Researchers find that the Oldsmar water plant was likely targeted by a watering hole attack via the website of an infrastructure contractor in the U.S. state of Florida.

Read: https://thehackernews.com/2021/05/watering-hole-attack-was-used-to-target.html

Personal data of over 100 million users is exposed by 23 #Android apps on the Google Play Store, potentially making them a lucrative target for malicious actors.

The list of affected apps can be found here: https://thehackernews.com/2021/05/these-23-android-apps-expose-over.html

Microsoft warns users to be watchful of the threat of STRRAT data-stealing malware, which is being spread through a "massive email campaign" posing as a ransomware infection.

Read details: https://thehackernews.com/2021/05/microsoft-warns-of-data-stealing.html

CNA Financial, one of the largest insurance companies in the US, has reportedly paid hackers $40 MILLION in ransom to regain access to its systems—making it the most expensive ransom payment to date.

Read: https://thehackernews.com/2021/05/insurance-firm-cna-financial-reportedly.html

A massive data breach at India's flag carrier airline — AirIndia — has exposed credit card and passport data of 4.5 million passengers registered between August 2011 and February 2021, a period of nearly 10 years.

Read: https://thehackernews.com/2021/05/indias-flag-carrier-airline-air-india.html

The FBI has issued a ⚡FLASH ALERT warning of the Conti ransomware that has affected 16 healthcare and emergency services organizations in the United States.

Read details: https://thehackernews.com/2021/05/fbi-warns-conti-ransomware-hit-16-us.html

Researchers disclose details on several critical vulnerabilities affecting Nagios IT monitoring software that could let attackers hijack corporate networks.

Read: https://thehackernews.com/2021/05/details-disclosed-on-critical-flaws.html

A new study has revealed that state-sponsored hackers linked to North Korea were behind a series of "CryptoCore" cyberattacks on cryptocurrency exchanges over the past 3 years.

Read: https://thehackernews.com/2021/05/researchers-link-cryptocore-attacks-on.html

Apple‌ ‌has‌ ‌released‌ ‌software‌ ‌updates‌ ‌for‌ ‌iOS,‌ ‌macOS,‌ ‌tvOS,‌ ‌watchOS,‌ ‌and‌ ‌Safari‌ ‌web‌ ‌browser, containing security patches to address multiple vulnerabilities—including EMERGENCY security patches for the ongoing 0-DAY ‌attacks

https://thehackernews.com/2021/05/apple-issues-patches-to-combat-ongoing.html

A‌ ‌newly discovered set of vulnerabilities in Bluetooth Core and Mesh Profile specifications could pose a threat to legitimate devices, allowing attackers to impersonate them and initiate MITM‌ ‌attacks.

Read: https://thehackernews.com/2021/05/new-bluetooth-flaws-let-attackers.html

A new high-severity buffer overflow vulnerability (CVE-2021-22908) has been reported in Pulse Connect Secure (PCS) that allows a remote, authenticated user with privileges to browse SMB shares to execute arbitrary code as the root user.

Read: https://thehackernews.com/2021/05/new-high-severity-vulnerability.html

Russian-language darkweb marketplace Hydra has emerged as a hotspot for illicit activities, pulling in a whopping $1.37 BILLION worth of cryptocurrencies in 2020.

Read details: https://thehackernews.com/2021/05/russian-hydra-darknet-market-made-over.html