XLoader, a low-cost and popular Windows malware available on rent, has now been upgraded to allow cybercriminals to spy on Apple's macOS users.

Read: https://thehackernews.com/2021/07/xloader-windows-infostealer-malware-now.html

In an apparent supply-chain attack, a software package available from the official NPM repository has been caught stealing users’ saved passwords from their Chrome web browser.

Read details: https://thehackernews.com/2021/07/malicious-npm-package-caught-stealing.html

Another hacker, a British national, has been arrested in connection with the high-profile 2020 Twitter hack who played a role in the massive bitcoin scam.

Read details: https://thehackernews.com/2021/07/another-hacker-arrested-for-2020.html

Oracle warns of three newly discovered critical vulnerabilities in Weblogic server software that can be exploited remotely without authentication.

Read: https://thehackernews.com/2021/07/oracle-warns-of-critical-remotely.html

As part of the July 2021 Patch Updates, Oracle also released 342 fixes that span multiple products.

Kaseya has received a universal REvil decryptor to help customers recover data, nearly 3 weeks after a supply-chain ransomware attack impacted the company.



https://thehackernews.com/2021/07/kaseya-gets-universal-decryptor-to-help.html

Nasty macOS malware XCSSET has been updated once again to steal sensitive data from a variety of apps, including Chrome and Telegram.

Read: https://thehackernews.com/2021/07/nasty-macos-malware-xcsset-now-targets.html

A newly discovered "PetitPotam" NTLM relay attack can be exploited by attackers to completely take over Windows domains by forcing remote servers—including Domain Controllers—to authenticate with a malicious machine.

Details: https://thehackernews.com/2021/07/new-petitpotam-ntlm-relay-attack-lets.html

Microsoft warns of a notorious cross-platform crypto-mining malware that has refined and improved its techniques to attack Windows and #Linux operating systems.

Read details: https://thehackernews.com/2021/07/microsoft-warns-of-lemonduck-malware.html

A growing number of cybercriminals are switching from conventional programming languages to "exotic" languages—such as Go, Rust, Nim, Dlang—for #malware development that can bypass security, and complicate reverse-engineering efforts.

Read: https://thehackernews.com/2021/07/hackers-turning-to-exotic-programming.html

Rapid7 has uncovered multiple flaws affecting 3 open-source projects — EspoCRM, Pimcore, Akaunting — that are used by several small & medium-sized businesses that could provide a pathway for more sophisticated attacks.

Details: https://thehackernews.com/2021/07/several-bugs-found-in-3-open-source.html

Zimbra email collaboration software, used by over 200,000 companies, has been found vulnerable to multiple flaws that could be exploited to compromise email accounts & even take full control of mail server when hosted on a cloud infrastructure.

https://thehackernews.com/2021/07/new-bug-could-let-attackers-hijack.html

An Iranian cyberespionage group spent years posing as an aerobics instructor on Facebook to infect the computer of an aerospace defense contractor with malware.

Read details: https://thehackernews.com/2021/07/hackers-posed-as-aerobics-instructors.html

Chinese cyberespionage group PKPLUG deployed a previously undocumented variant of PlugX RAT on compromised systems during the recent wave of attacks on #Microsoft Exchange servers.

Read details: https://thehackernews.com/2021/07/chinese-hackers-implant-plugx-variant.html

Here is a list of the top 30 most commonly exploited critical security vulnerabilities that hackers weaponize against broad target sets, including public and private sector organizations worldwide.

Read details: https://thehackernews.com/2021/07/top-30-critical-security.html

Vultur — a new Android remote access trojan — uses smartphone's screen recording feature to spy on its victims and steal their banking credentials.

Details: https://thehackernews.com/2021/07/new-android-malware-uses-vnc-to-spy-and.html

Two new ransomware gangs — Haron and BlackMatter — have appeared on cybercrime forums, with one professing to be a successor to DarkSide and REvil, infamous syndicates that went off the grid following major attacks on Colonial Pipeline and Kaseya.

https://thehackernews.com/2021/07/new-ransomware-gangs-haron-and.html

Hackers are using a decoy document titled "Crimea Manifesto" to infect target computers with a fully-featured VBA malware.

Details: https://thehackernews.com/2021/07/hackers-exploit-microsoft-browser-bug.html

It uses two attack vectors—malicious macros and an IE browser exploit—aiming to increase the chances of infection.

Microsoft has issued a warning about an ongoing malicious campaign employs uses fake call centers to trick users into downloading BazaLoader malware that can sniff data and install ransomware.

Read details: https://thehackernews.com/2021/07/phony-call-centers-tricking-users-into.html

A recent cyberattack that disrupted Iran's railway system and the ministry of transportation was caused by a never-before-seen reusable wiper malware called "Meteor."



Details: https://thehackernews.com/2021/07/a-new-wiper-malware-was-behind-recent.html

Researchers have discovered several malicious Python libraries hosted on the PyPI repository that aim to steal credit cards and inject code.

Read details: https://thehackernews.com/2021/07/several-malicious-typosquatted-python.html