⚡Researcher discloses PoC for a new UNPATCHED zero-day remote code execution vulnerability in the Java Spring Framework, threatening the security of enterprise systems and web apps worldwide.

Details: https://thehackernews.com/2022/03/unpatched-java-spring-framework-0-day.html

Hackers are increasingly using the recently disclosed browser-in-the-browser (BitB) technique as part of their credential phishing campaigns exploiting the ongoing Russian-Ukrainian war.

Read details: https://thehackernews.com/2022/03/hackers-increasingly-using-browser-in.html

Researchers have discovered the first Python-based #ransomware strain that specifically targets exposed Jupyter notebooks, a web-based interactive computing platform.

Read details: https://thehackernews.com/2022/03/new-python-based-ransomware-targeting.html

3 New security vulnerabilities have been discovered in the popular #Wyze Cam devices that could allow attackers to execute arbitrary code and access camera feeds.

Read details: https://thehackernews.com/2022/03/bugs-in-wyze-cams-could-let-attackers.html

Important — Spring Framework maintainers have released an emergency patch to address a newly disclosed RCE vulnerability (CVE-2022-22965) that could allow unauthenticated attackers to take control of targeted systems.

Details: https://thehackernews.com/2022/03/security-patch-releases-for-critical.html

Apple is rolling out emergency security patches to address 2 new zero-day vulnerabilities affecting iOS, iPadOS and macOS operating systems that may have been exploited in the wild.

Details: https://thehackernews.com/2022/03/apple-issues-patches-for-2-actively.html

Zyxel releases patches for a critical authentication bypass vulnerability (CVE-2022-0342) affecting its firewalls and enterprise VPN products.

Read details: https://thehackernews.com/2022/03/zyxel-releases-patches-for-critical-bug.html

North Korean state-backed Lazarus hacking group has been spreading backdoored versions of DeFi wallet apps to gain remote access to victims' systems and steal their cryptocurrencies.

Read details: https://thehackernews.com/2022/04/north-korean-hackers-distributing.html

Chinese APT hacker group "Deep Panda'' exploits the infamous Log4Shell vulnerability in VMware Horizon to infect targeted servers with rootkit malware signed with a stolen digital certificate.

Details: https://thehackernews.com/2022/04/chinese-hackers-target-vmware-horizon.html

Critical vulnerabilities (CVE-2022-1161, CVE-2022-1159) reported in Rockwell PLCs & engineering workstation software that can be exploited to inject malicious code and stealthily modify automation processes.

Details: https://thehackernews.com/2022/04/critical-bugs-in-rockwell-plc-could.html

Researchers have found a Russian wiper malware, dubbed "AcidRain," believed to be responsible for the recent cyberattack on Viasat that temporarily knocked KA-SAT modems offline.

Read details: https://thehackernews.com/2022/04/russian-wiper-malware-responsible-for.html

DevOps platform GitLab has released software updates to fix a critical vulnerability (CVE-2022-1162) that could allow attackers to hijack accounts.

Read details: https://thehackernews.com/2022/04/gitlab-releases-patch-for-critical.html

British police have charged 2 of the 7 teenagers arrested last week for their alleged links to the LAPSUS$ data extortion gang.

Read details: https://thehackernews.com/2022/04/british-police-charge-two-teenagers.html

A 15-year-old developer account hijacking vulnerability has been disclosed in the PEAR PHP repository that could've allowed attackers to launch supply-chain attacks by releasing new malicious versions of existing packages.

Details: https://thehackernews.com/2022/04/15-year-old-bug-in-pear-php-repository.html

Beastmode DDoS botnet is now exploiting recently disclosed vulnerabilities in TOTOLINK routers to infect unpatched devices and expand its reach potentially.

Read details: https://thehackernews.com/2022/04/beastmode-ddos-botnet-exploiting-new.html

Researchers have shed light on a previously undocumented "sophisticated" information-stealing malware called "BlackGuard" that is advertised for sale on Russian underground hacking forums.

Read details: https://thehackernews.com/2022/04/experts-shed-light-on-blackguard.html

A new attack, dubbed "Brokenwire," could allow remote attackers to disrupt the ability to charge electric vehicles at scale from a distance of as far as 47m.

Read details: https://thehackernews.com/2022/04/brokenwire-hack-could-let-remote.html

Several state-sponsored hacker groups are using the ongoing Russian-Ukrainian war as bait to attack a variety of sectors, including energy, finance, and government, with #malware and steal sensitive information.

Read: https://thehackernews.com/2022/04/multiple-hacker-groups-capitalizing-on.html

Researchers uncover a new Android spyware with a C2 server linked to the Turla hackers, masquerading as a "process manager" service to stealthily siphon off sensitive information stored on infected devices.

Details: https://thehackernews.com/2022/04/researchers-uncover-new-android-spyware.html

U.S. cybersecurity agency CISA has included the recently disclosed Remote Code Execution (RCE) vulnerability affecting Spring Framework in its Known Exploited Vulnerabilities Catalog based on "evidence of active exploitation."

Details: https://thehackernews.com/2022/04/cisa-warns-of-active-exploitation-of.html