The politically motivated "Moses Staff" hacker group has been observed using a custom multi-component toolset with the goal of carrying out cyberespionage against Israeli organizations.

Read: https://thehackernews.com/2022/02/moses-staff-hackers-targeting-israeli.html

Researchers have unpacked a new Golang-based botnet called "Kraken," which is under active development and features an array of backdoor capabilities.

Read details: https://thehackernews.com/2022/02/researchers-warn-of-new-golang-based.html

Researchers release a new open-source tool called "Underactor" that can uncover pixelated text from redacted documents and reveal sensitive data.

Read details: https://thehackernews.com/2022/02/this-new-tool-can-retrieve-pixelated.html

Google announced plans to bring its "Privacy Sandbox" initiative to Android to expand its privacy-focused but also less disruptive advertising technology beyond the desktop web.

Read details: https://thehackernews.com/2022/02/google-bringing-privacy-sandbox-to.html

Adobe releases patches for another critical vulnerability (CVE-2022-24087) discovered in the Adobe Commerce and Magento eCommerce platforms that could be exploited to execute arbitrary code.

Read details: https://thehackernews.com/2022/02/another-critical-rce-discovered-in.html

Cisco has released security updates to patch 3 vulnerabilities affecting its products, including one high-severity flaw that attackers can exploit by sending an email to crash Cisco Email Security Appliances.

Read details: https://thehackernews.com/2022/02/attackers-can-crash-cisco-email.html

A "potentially destructive actor" aligned with the Iranian government is actively exploiting the known Log4j vulnerability to infect unpatched VMware Horizon servers with ransomware.

Read details: https://thehackernews.com/2022/02/iranian-hackers-targeting-vmware.html

A set of new Linux vulnerabilities have been discovered in Canonical's Snap for software packaging and deployment system, the most critical of which can be exploited to gain root privileges on targeted systems.

Read details: https://thehackernews.com/2022/02/new-linux-privilege-escalation-flaw.html

Researchers have found that several computers in SouthKorea are being attacked by a botnet called "PseudoManuscrypt" using the same spreading tactics as another malware called CryptBot.

Read details: https://thehackernews.com/2022/02/pseudomanuscrypt-malware-spreading-same.html

Microsoft warns of emerging 'Ice Phishing' threats targeting Web3, blockchain, DeFi, smart contracts and other decentralized technologies.

Read details: https://thehackernews.com/2022/02/microsoft-warns-of-ice-phishing-threat.html

WordPress pushes patch for a new high-severity vulnerability in UpdraftPlus, a popular backup plugin with over 3 million active installations, which can be weaponized to download affected sites private data.

Details: https://thehackernews.com/2022/02/critical-flaw-uncovered-in-wordpress.html

The U.S. cybersecurity agency CISA publishes a repository of free tools and services to help organizations detect, mitigate, and respond effectively to malicious attacks.

Details: https://thehackernews.com/2022/02/us-cybersecurity-agency-publishes-list.html

Researchers retrieve the master key to unlock files locked by the Hive ransomware by exploiting a vulnerability in its encryption algorithm.

Read details: https://thehackernews.com/2022/02/master-key-for-hive-ransomware.html

Hackers are using infected Android devices to register mass disposable accounts that can be abused by cybercriminals to create phone-verified accounts for fraud and other criminal activities.

Details: https://thehackernews.com/2022/02/hackers-exploit-bug-in-sms-verification.html

Researchers uncover details of a recent cyberattack that targeted Iranian State Broadcaster IRIB with an unidentified destructive wiper malware.

https://thehackernews.com/2022/02/iranian-state-broadcaster-irib-hits-by_21.html

Researchers discover a new Android banking malware — dubbed "Xenomorph" — that spreads via apps on the Google Play Store and is designed to target customers of dozens of European banks.

Read: https://thehackernews.com/2022/02/xenomorph-android-banking.html

Hackers are exploiting unpatched vulnerabilities in Internet-faced Microsoft SQL servers that to backdoor them using the Cobalt Strike hacking tool.

Read details: https://thehackernews.com/2022/02/hackers-backdoor-unpatched-microsoft.html

Chinese APT10 state-sponsored hackers carried out a sophisticated organized supply-chain attack on Taiwan's financial and securities trading sector.

Read details: https://thehackernews.com/2022/02/chinese-hackers-target-taiwans.html

Hackers took advantage of smart contract upgrade process on the OpenSea NFT marketplace to conduct a phishing attack against its users, resulting in the theft of approximately $1.7 million worth of virtual assets.

Read: https://thehackernews.com/2022/02/hackers-steal-17-million-worth-of-nfts.html

Researchers uncover 25 malicious JavaScript libraries that attackers distributed via the NPM package repository with the aim of stealing Discord tokens and environment variables from compromised systems.

Read details: https://thehackernews.com/2022/02/25-malicious-javascript-libraries.html