An unpatched critical #vulnerability affects Pling-based marketplace software for Linux systems that could potentially be exploited to launch supply-chain and RCE attacks.

Details: https://thehackernews.com/2021/06/unpatched-critical-flaw-affects-pling.html

A memory leak vulnerability [CVE-2021-20019] affecting SonicWall VPN appliances was left unpatched amidst 0-day attacks that could allow remote attackers access to sensitive data.

Read: https://thehackernews.com/2021/06/sonicwall-left-vpn-flaw-partially.html

Security patches have now been released.

Important — Update your Tor browser to the latest version to patch a new privacy vulnerability that can be exploited remotely to track users' online activity.

Details: https://thehackernews.com/2021/06/patch-tor-browser-bug-to-prevent.html

A hacker with suspected ties to Pakistan targeted an Indian power transmission and generation organization with ReverseRat malware.

Read: https://thehackernews.com/2021/06/pakistan-linked-hackers-targeted-indian.html

Experts say this attacker targets South and Central Asia governments and energy companies.

John David McAfee, a controversial mogul and antivirus pioneer, committed suicide in a Barcelona jail cell in Barcelona, just hours after reports that he would be extradited to face federal charges.



Details: https://thehackernews.com/2021/06/antivirus-pioneer-john-mcafee-found.html

VMware has released security patches for Carbon Black App Control to fix a critical vulnerability (CVE-2021-21998, CVSS 9.4) that could allow attackers to access targeted servers without authentication.

Details: https://thehackernews.com/2021/06/critical-auth-bypass-bug-affects-vmware.html

The BIOSConnect feature of Dell systems contains several high-risk vulnerabilities that could lead to the execution of arbitrary code at the BIOS /UEFI level.

https://thehackernews.com/2021/06/bios-disconnect-new-high-severity-flaws.html

At least 128 Dell laptop, desktop and tablet models are affected by this issue.

Researchers demonstrated 1-click exploit for Atlassian's project and #software development platform that could potentially be exploited to take over an account and control apps connected via SSO functionality.

Read: https://thehackernews.com/2021/06/one-click-exploit-could-have-let.html

Recently arrested members of the Cl0p ransomware gang were involved in laundering $500 million for malicious actors through a variety of illegal activities.

Read: https://thehackernews.com/2021/06/clop-gang-members-laundered-500-million.html

Cryptocurrency exchange Binance worked with law enforcement to bring down the crime group

A supervisor for the hacker group FIN7 was sentenced to 7 years in prison for acting as a pentester to maintain a criminal scheme that allowed hackers to steal millions of debit and credit cards.

Read: https://thehackernews.com/2021/06/fin7-supervisor-gets-7-year-jail-term.html

A computer virus—dubbed "Crackonosh"—spread via cracked copies of popular software, has mined nearly 2 million worth of Monero cryptocurrency using 222,000 hacked systems.

Read: https://thehackernews.com/2021/06/crackonosh-virus-mined-2-million-of.html

Attention!

A sophisticated #cyberattack is currently underway against Zyxel firewalls and VPNs using unknown user accounts — such as "zyxel_slIvpn", "zyxel_ts" or "zyxel_vpn_test" — to establish unauthorised remote access.

Details: https://thehackernews.com/2021/06/watch-out-zyxel-firewalls-and-vpns.html

Google has extended the deadline for phasing out 3rd-party tracking cookies in its Chrome browser until the end of 2023 giving the digital advertising industry more time to develop privacy-friendly targeted ads.

Read: https://thehackernews.com/2021/06/google-extends-support-for-tracking.html

The hackers Hackers responsible for the SolarWinds breach also compromised a Microsoft customer service agent and attempted to further target company's customers.

Details — https://thehackernews.com/2021/06/solarwinds-hackers-breach-microsoft.html

Cisco Adaptive Security Appliances (ASA) have been actively targeted by hackers following the release of exploit code for a security vulnerability (CVE-2020-3580)

Read: https://thehackernews.com/2021/06/cisco-asa-flaw-under-active-attack.html

This Microsoft Edge Browser Bug Could Have Let Hackers Steal Your Secrets for Any Site
https://thehackernews.com/2021/06/microsoft-edge-bug-couldve-let-hackers.html

Hackers Trick Microsoft Into Signing Netfilter Driver Loaded With Rootkit Malware
https://thehackernews.com/2021/06/hackers-trick-microsoft-into-signing.html

Google Play Store now requires all #Android app developers to verify their physical address and use two-step verification to prevent scams and fraudulent accounts.

Read: https://thehackernews.com/2021/06/google-now-requires-app-developers-to.html

Researcher uncover an unpatched vulnerability in Google's Compute Engine platform that could be abused by an attacker to take over virtual machines over the network.

Details: https://thehackernews.com/2021/06/unpatched-virtual-machine-takeover-bug.html

GitHub has launched a new AI-powered code completion tool — Copilot — to help software developers write better code in a variety of programming languages, including Python, #JavaScript, TypeScript, Ruby, and Go.

Read details: https://thehackernews.com/2021/06/github-launches-copilot-ai-powered-code.html