Hackers have been targeting Russian entities for at least a year with the newly discovered remote access trojan Woody RAT.

Read details: https://thehackernews.com/2022/08/new-woody-rat-malware-being-used-to.html

Researchers discovered a critical unauthenticated RCE vulnerability (CVE-2022-32548) affecting 29 different router models from DrayTek that can be exploited to gain full access over targeted networks.

Read details: https://thehackernews.com/2022/08/critical-rce-bug-could-let-hackers.html

U.S. cybersecurity agency CISA has added a recently disclosed, high-severity vulnerability in the Zimbra email suite to its "Known Exploited Vulnerabilities Catalog," citing evidence of active exploitation.

Read details: https://thehackernews.com/2022/08/cisa-adds-zimbra-email-vulnerability-to.html

An increasing number of malware attacks are leveraging a nascent command-and-control service called "Dark Utilities," which allows hackers to remotely control compromised systems.

Read details: https://thehackernews.com/2022/08/a-growing-number-of-malware-attacks.html

The U.S. Department of Homeland Security (DHS) has warned of critical security vulnerabilities in Emergency Alert System (EAS) encoder/decoder devices that could enable attackers to send fake messages.

Read details: https://thehackernews.com/2022/08/emergency-alert-system-flaws-could-let.html

Slack has reset passwords for some of its users after discovering a vulnerability in its workspace invitation system that exposed their salted password hashes.

Read details: https://thehackernews.com/2022/08/slack-resets-passwords-after-bug.html

Twitter reveals that hackers exploited a new zero-day vulnerability to expose 5.4 million user accounts by linking emails and phone numbers to them.

Read details: https://thehackernews.com/2022/08/hackers-exploit-twitter-vulnerability.html

Researchers discover new IoT RapperBot malware capable of brute-forcing SSH credentials to compromise Linux servers.

Read details: https://thehackernews.com/2022/08/new-iot-rapperbot-malware-targeting.html

Meta said it took action against two espionage operations in South Asia that used the Facebook platform to spread malware to potential targets.

Read details: https://thehackernews.com/2022/08/meta-cracks-down-on-cyber-espionage.html

A sophisticated scam-as-a-service scheme known as "Classiscam" is now targeting Singapore.

Read details: https://t.co/OIhdnnMgTh

A new botnet named Orchard has been observed using Bitcoin creator Satoshi Nakamoto's account transaction information to generate domain names to conceal its command-and-control (C2) infrastructure.

Details: https://t.co/hZ3swtxAX3

Researchers have discovered 10 new malicious Python packages distributed via the Python Package Index (PyPI) to harvest critical data points, such as users' passwords and API tokens.

Read details: https://thehackernews.com/2022/08/10-credential-stealing-python-libraries.html

Researchers have detected a wave of targeted cyberattacks on military-industrial complex enterprises and public institutions in several Eastern European countries and Afghanistan.

Read details: https://thehackernews.com/2022/08/chinese-hackers-targeted-dozens-of.html

The U.S. Treasury sanctions virtual currency mixer Tornado Cash, citing its involvement with North Korea's Lazarus Group's high-profile hacking of Ethereum bridges to launder and cash out ill-gotten gains.

Details: https://thehackernews.com/2022/08/us-sanctions-virtual-currency-mixer.html

Customer engagement platform Twilio suffered a data breach after hackers gained "unauthorised access" by tricking some employees into providing their credentials via SMS-based phishing campaigns.

Read details: https://thehackernews.com/2022/08/twilio-suffers-data-breach-after.html

Patch Tuesday, August 2022 — Microsoft releases security updates to address 121 newly reported vulnerabilities, including a zero-day (CVE-2022-34713) bug that the company says is being actively exploited.

Read details: https://thehackernews.com/2022/08/microsoft-issues-patches-for-121-flaws.html

CISA added a recently disclosed security flaw in UnRAR for Linux to its Known Exploited Vulnerabilities Catalog after receiving evidence of active attacks.

Read details: https://thehackernews.com/2022/08/cisa-issues-warning-on-active.html

At least 76 Cloudflare employees and their families were also targeted by hackers behind the recent Twilio security breach.

Read details: https://thehackernews.com/2022/08/hackers-behind-twilio-breach-also_10.html

Researchers detail the Maui ransomware attacks carried out by North Korean government-backed hackers.

Read details: https://thehackernews.com/2022/08/experts-uncover-details-on-maui.html

A former Twitter employee has been convicted of spying on the private information of Twitter users for Saudi Arabia.

Read details: https://thehackernews.com/2022/08/former-twitter-employee-found-guilty-of.html