WATCH OUT!

PyPI, Python Package Index, automatically executes code on the system when developers merely download a package.

⅓ of PyPI packages use the feature.

Using it hackers can achieve higher infection rates in supply-chain attacks.

https://thehackernews.com/2022/09/warning-pypi-feature-executes-code.html

Researchers discover a backdoor in the "Prynt information stealing malware" that its creator added to secretly steal a copy of victims' data exfiltrated by other cybercriminals.

Read details: https://thehackernews.com/2022/09/prynt-stealer-contains-backdoor-to.html

Samsung suffered a data breach that exposed personal information of some of its U.S. customers.

Read: https://thehackernews.com/2022/09/samsung-admits-data-breach-that-exposed.html

Google has released an urgent update for the Chrome browser for Windows, Mac, and Linux systems to patch a newly discovered zero-day vulnerability that attackers are exploiting in the wild.

Read details: https://thehackernews.com/2022/09/google-release-urgent-chrome-update-to.html

A new version of the notorious SharkBot Android banking trojan has once again made its way into the Google Play Store by disguising itself as an antivirus and cleaner app.

Read details: https://thehackernews.com/2022/09/fake-antivirus-and-cleaner-apps-caught.html

TikTok has denied reports of a data breach after a hacker group claimed to have gained access to information on two billion of its users.

Read details: https://thehackernews.com/2022/09/tiktok-denies-data-breach-reportedly.html

QNAP has issued an advisory urging NAS device users to update Photo Station software to the latest available version after discovering another DeadBolt ransomware attack exploiting a zero-day vulnerability.

Read details: https://thehackernews.com/2022/09/qnap-warns-of-new-deadbolt-ransomware.html

Researchers have discovered a new Android spyware that is capable of collecting extensive information and is distributed under the guise of a book that likely targets the Uyghur community in China.

Details: https://thehackernews.com/2022/09/researchers-find-new-android-spyware.html

Researchers have identified a new phishing-as-a-service (PhaaS) called "EvilProxy" that is being promoted in the dark web as a way for cybercriminals to bypass security measures employed by online services.

Read: https://thehackernews.com/2022/09/new-evilproxy-phishing-service-allowing.html

Researchers uncover "TeslaGun," a previously undocumented software control panel used by the financially motivated cybercrime group TA505 to manage its "ServHelper" backdoor malware attacks.

Read details: https://thehackernews.com/2022/09/ta505-hackers-using-teslagun-panel-to.html

Researchers uncover targeted cyberattacks by the "Worok" espionage hacking group against high-profile Asian companies and local governments.

Read details: https://thehackernews.com/2022/09/worok-hackers-target-high-profile-asian.html

A new critical remote code execution vulnerability (CVE-2022-34747) has been found in Zyxel network-attached storage (NAS) devices — Firmware patch update released.

Read: https://thehackernews.com/2022/09/critical-rce-vulnerability-affects.html

MooBot, a new variant of the Mirai botnet, has been spotted exploiting unpatched D-Link devices to include them in its army of denial-of-service bots.

Read: https://thehackernews.com/2022/09/mirai-variant-moobot-botnet-exploiting.html

North Korean hacker group Lazarus has been spotted deploying a new remote access trojan, dubbed "MagicRAT," in targeted campaigns exploiting VMware Horizon platforms.

Read details: https://thehackernews.com/2022/09/north-korean-hackers-spotted-using-new.html

Researchers discover a new stealthy malware, dubbed Shikitega, that targets Linux-based systems and IoT devices via a multi-stage infection chain and uses polymorphic encoders to evade detection.

Details: https://thehackernews.com/2022/09/new-stealthy-shikitega-malware.html

Law enforcement authorities have dismantled WT1SHOP online cybercrime marketplace for selling stolen login credentials, credit cards and other personal information.

Read details: https://thehackernews.com/2022/09/authorities-shut-down-wt1shop-site-for.html

Google found that some former members of the Conti cybercrime group repurposed their hacking techniques to target Ukraine in financially and politically motivated attacks.

Read: https://thehackernews.com/2022/09/some-members-of-conti-group-targeting.html

Cisco releases security patches for 3 newly discovered vulnerabilities in its products, including a high-severity vulnerability in the NVIDIA Data Plane Development Kit.

Read details: https://thehackernews.com/2022/09/cisco-releases-security-patches-for-new.html

Microsoft warns of a subgroup of the Iranian threat actor Phosphorus (DEV-0270) that has been conducting ransomware attacks as a "form of moonlighting" for personal gain.

Read details: https://thehackernews.com/2022/09/microsoft-warns-of-ransomware-attacks.html

Several major financial services companies in French-speaking African countries have been repeatedly attacked by hackers as part of the DangerousSavanna campaign.

Read details: https://thehackernews.com/2022/09/hackers-repeatedly-targeting-financial.html