Researchers uncover an active cryptocurrency mining campaign that infected over 111,000 victims in 11 countries using fake software disguised as installers for popular applications.

Read details: https://thehackernews.com/2022/08/nitrokod-crypto-miner-infected-over.html

A new ransomware strain written in Golang dubbed "Agenda", which comes with the ability to customize binary payloads for individual victims, has been spotted in the wild targeting healthcare and education entities.

Details: https://thehackernews.com/2022/08/new-golang-based-agenda-ransomware-can.html

The U.S. Federal Trade Commission (FTC) has filed suit against Kochava, a location data broker, for collecting and selling precise geolocation data gathered from hundreds of millions of consumers' mobile devices.

Details: https://thehackernews.com/2022/08/ftc-sues-data-broker-over-selling.html

India's newest commercial airline, "Akasa Air," has had its customers' personal data exposed, which the company attributes to a technical configuration error.

Read details: https://thehackernews.com/2022/08/indias-newest-airline-akasa-air-suffers.html

Researchers uncover three related but distinct campaigns that spread malware such as ModernLoader, RedLine stealer, and cryptocurrency miners.

Read: https://thehackernews.com/2022/08/hackers-use-modernloader-to-infect.html

A Chinese hacker group conducted a months-long cyberespionage campaign against several entities using ScanBox Reconnaissance Framework to gather information about its victims.

Read details: https://thehackernews.com/2022/08/chinese-hackers-used-scanbox-framework.html

Google has introduced a new bug bounty program for its open source projects, with payouts ranging from $100 to $31,337 to protect the ecosystem from supply chain attacks.

Read details: https://thehackernews.com/2022/08/google-launches-new-open-source-bug.html

A persistent Golang-based malware campaign is leveraging the deep field image taken from NASA's James Webb Space Telescope (JWST) as bait to install malicious payloads on infected systems.

Read details: https://thehackernews.com/2022/08/hackers-hide-malware-in-stunning-images.html

Researchers uncover malicious Chrome browser extensions with a total install base of over 1,400,000 that are masquerading as Netflix viewers and profiting from retail affiliate programs.

Read details: https://thehackernews.com/2022/08/experts-find-malicious-cookie-stuffing.html

Apple has backported a security patch to older iPhones, iPads and iPod touch models to address a critical vulnerability that has been actively exploited in the wild.

Read details — https://thehackernews.com/2022/09/apple-releases-ios-update-for-older.html

A newly reported "high severity vulnerability" in the TikTok app for Android could have allowed attackers to take over accounts.

Read details: https://thehackernews.com/2022/09/microsoft-discover-severe-one-click.html

Researchers have found that the attack infrastructure used to hack Cisco in May 2022 was also used to attack the holding company of an unnamed large workforce management solutions company.

Read details: https://thehackernews.com/2022/09/infra-used-in-cisco-hack-also-targeted.html

Researchers have identified over 1,800 apps for Android and iOS containing hard-coded Amazon Web Services (AWS) credentials, posing a major security risk.

Read details: https://thehackernews.com/2022/09/over-1800-android-and-ios-apps-found.html

Researchers detail the operations and techniques used by the operators of the emerging cross-platform BianLian ransomware.

Read details: https://thehackernews.com/2022/09/researchers-detail-emerging-cross.html

Google Chrome as well as Chromium-based alternative web browsers have a "major" security issue that could allow malicious websites to overwrite the contents of the system clipboard without the user's consent.

Details: https://thehackernews.com/2022/09/google-chrome-bug-lets-sites-silently.html

Researchers have found functional similarities between a malicious component used in the Raspberry Robin infection chain and a Dridex malware loader, further strengthening the operators' ties to the Russia-based Evil Corp group.

Read: https://thehackernews.com/2022/09/new-evidence-links-raspberry-robin.html

WATCH OUT!

PyPI, Python Package Index, automatically executes code on the system when developers merely download a package.

⅓ of PyPI packages use the feature.

Using it hackers can achieve higher infection rates in supply-chain attacks.

https://thehackernews.com/2022/09/warning-pypi-feature-executes-code.html

Researchers discover a backdoor in the "Prynt information stealing malware" that its creator added to secretly steal a copy of victims' data exfiltrated by other cybercriminals.

Read details: https://thehackernews.com/2022/09/prynt-stealer-contains-backdoor-to.html

Samsung suffered a data breach that exposed personal information of some of its U.S. customers.

Read: https://thehackernews.com/2022/09/samsung-admits-data-breach-that-exposed.html

Google has released an urgent update for the Chrome browser for Windows, Mac, and Linux systems to patch a newly discovered zero-day vulnerability that attackers are exploiting in the wild.

Read details: https://thehackernews.com/2022/09/google-release-urgent-chrome-update-to.html