A new vulnerability (CVE-2022-0811) in the CRI-O engine, dubbed “cr8escape,” could allow attackers to escape Kubernetes containers and gain root access.

Read details: https://thehackernews.com/2022/03/new-vulnerability-in-cri-o-engine-lets.html

Ukrainian Secret Service has arrested a hacker who was helping Russian troops invade.

Read details: https://thehackernews.com/2022/03/ukraine-secret-service-arrests-hacker.html

A new report from Microsoft explains how TrickBot malware is leveraging hacked IoT devices serve proxies for its command-and-control infrastructure.

Read: https://thehackernews.com/2022/03/trickbot-malware-abusing-hacked-iot.html

Cybersecurity researchers from Avast have found that the wormable module of the DirtyMoe botnet has gained several new exploits that allow the malware to spread quickly to other computers.

Read details: https://thehackernews.com/2022/03/dirtymoe-botnet-gains-new-exploits-in.html

⚡ Developer of a popular NPM package has intentionally updated the library to wipe and replace data with a ❤️ heart emoji on all systems running it from Russia or Belarus to protest against the invasion of Ukraine.

Details: https://thehackernews.com/2022/03/popular-npm-package-updated-to-wipe.html

A new variant of the "Cyclops Blink" botnet malware is now targeting ASUS routers in an attempt to build an infrastructure for further cyberattacks on high-value targets.

Read details: https://thehackernews.com/2022/03/new-variant-of-russian-cyclops-blink.html

Cisco Talos researchers have found evidence that some cybercriminal affiliates of BlackMatter are now spreading BlackCat ransomware.

Details: https://thehackernews.com/2022/03/experts-find-some-affiliates-of.html

Google has uncovered a financially motivated "initial access broker" group that appears to be working with the Conti #ransomware gang.

Read details: https://thehackernews.com/2022/03/google-uncovers-initial-access-broker.html

⚡ Hackers have been spotted deploying a new rootkit targeting Oracle Solaris systems at Banks in an attempt to compromise the switching networks of ATMs (ATM) and perform unauthorized cash withdrawals.

Read: https://thehackernews.com/2022/03/hackers-target-bank-networks-with-new.html

Researchers uncover details of a hacking campaign by South Korean hacker group DarkHotel that targeted luxury hotels and resorts in Macau.

Read details: https://thehackernews.com/2022/03/south-korean-darkhotel-hackers-targeted.html

CryptoRom crypto scammers trick unsuspecting victims into installing fake apps by exploiting legitimate #iOS features like TestFlight and Web Clips.

Read details: https://thehackernews.com/2022/03/cryptorom-crypto-scam-abusing-iphone.html

Hackers use an open-source package installer to compromise French entities in the construction, real estate and government sectors with a new backdoor called "Serpent."

Read details: https://thehackernews.com/2022/03/new-backdoor-targets-french-entities.html

A researcher warns of a new "browser-in-the-browser" (BITB) technique that could allow attackers to spoof a legitimate domain to launch nearly undetectable phishing attacks and steal credentials.

Read details: https://thehackernews.com/2022/03/new-browser-in-browser-bitb-attack.html

A set of newly disclosed critical vulnerabilities in Dell BIOS software affect millions of Edge, Inspiron, Vostro, XPS, Latitude and Alienware series computers.

Read details: https://thehackernews.com/2022/03/new-dell-bios-bugs-affect-millions-of.html

Lapsus$ hacker group claim to have breached Microsoft & authentication company Okta and released 37 GB of data, including source code for Bing Search, Bing Maps and #Cortana, Microsoft's virtual assistant.

https://thehackernews.com/2022/03/lapsus-hackers-claim-to-have-breached.html

⚡ Microsoft and Okta confirm the breach after LAPSUS$ hackers posted stolen source code and screenshots online showing access to the company's internal systems.

Read details: https://thehackernews.com/2022/03/microsoft-and-okta-confirm-breach-by.html

More than 200,000 MicroTik routers worldwide are controlled by botnet malware, described by cybersecurity researchers as one of the largest botnet-as-a-service cybercrime operations in recent years.

Details: https://thehackernews.com/2022/03/over-200000-microtik-routers-worldwide.html

A new variant of Gimmick malware has been spotted that's designed to target Apple macOS systems.

Read details: https://thehackernews.com/2022/03/new-variant-of-chinese-gimmick-malware.html

Hackers from the Chinese cyberespionage group "Mustang Panda" deploying a new variant of the Korplug malware, dubbed Hodur.

Read details: https://thehackernews.com/2022/03/chinese-mustang-panda-hackers-spotted.html

VMware releases patches for critical vulnerabilities in Carbon Black App Control, including a command injection (CVE-2022-22951) and a file upload vulnerability (CVE-2022-22952).

Read details: https://thehackernews.com/2022/03/vmware-issues-patches-for-critical.html