Operation CuckooBees: A Chinese-aligned espionage hacking group is targeting government organizations in Hong Kong.

Read: https://thehackernews.com/2022/10/chinese-spyder-loader-malware-spotted.html

A critical RCE vulnerability has been discovered in the popular Cobalt Strike exploitation framework that could allow an attacker to take control of the target system.

Read: https://thehackernews.com/2022/10/critical-rce-vulnerability-discovered.html

HelpSystems releases an out-of-band patch update to fix the issue.

Chinese APT hackers, codenamed DiceyF, have been linked to a string of attacks aimed at online casinos in Southeast Asia for years.

Read: https://thehackernews.com/2022/10/chinese-hackers-targeting-online.html

Security researchers warn of a new, stealthy PowerShell backdoor that disguises itself as a Windows update process.

Details: https://thehackernews.com/2022/10/experts-warn-of-stealthy-powershell.html

CISA has published two Industrial Control Systems (ICS) advisories warning of serious security vulnerabilities in Advantech R-SeeNet and Hitachi Energy APM Edge appliances.

Details: https://thehackernews.com/2022/10/cisa-warns-of-critical-flaws-affecting.html

Researchers have disclosed more details about a now-patched vulnerability in Azure Service Fabric Explorer (SFX) that could allow an attacker to gain administrative privileges on the cluster.

Read: https://thehackernews.com/2022/10/researchers-detail-azure-sfx-flaw-that.html

A newly discovered variant of the Ursnif malware has focused on ransomware and data theft extortion attacks instead of banking fraud.

Read: https://thehackernews.com/2022/10/latest-ursnif-variant-shifts-focus-from.html

Domestic Kitten hacking group has been spotted spying on Iranians using an updated version of FurBall Android malware.

Read: https://thehackernews.com/2022/10/hackers-using-new-version-of-furball.html

Around 20 million Android users have been infected with the Clicker #malware after installing 16 malicious apps from Google Play.

Read: https://thehackernews.com/2022/10/these-16-clicker-malware-infected.html

Brazilian police announced Wednesday that they have arrested a person suspected of belonging to the notorious LAPSUS$ hacking group.

Read: https://thehackernews.com/2022/10/brazilian-police-arrest-suspected.html

A Russian ransomware group dubbed "OldGremlin" has been attributed to 16 multi-million dollar campaigns targeting businesses in Russia.

Read: https://thehackernews.com/2022/10/oldgremlin-ransomware-targeted-over.html

Researchers have detected active exploitation attempts targeting the recently disclosed critical RCE vulnerability (CVE-2022-42889) in Apache Commons Text.

Read details: https://thehackernews.com/2022/10/hackers-started-exploiting-critical.html

Multiple malware campaigns are exploiting a vulnerability in VMware Workspace ONE Access to infect targeted systems with cryptocurrency miners and ransomware.

Details: https://thehackernews.com/2022/10/multiple-campaigns-exploit-vmware.html

Microsoft has confirmed that it inadvertently exposed data related to 65,000+ of customers following a security lapse that left an endpoint publicly accessible over the internet.

Details: https://thehackernews.com/2022/10/microsoft-confirms-server.html

Google has launched a new open-source initiative called Graph for Understanding Artifact Composition (GUAC) that aims to beef up the security for software supply chain.

Read: https://thehackernews.com/2022/10/google-launches-guac-open-source.html

Emotet botnet has been linked to a new wave of malspam campaigns that exploit self-unlocking password-protected archive files to drop CoinMiner and Quasar RAT on compromised systems.

Read: https://thehackernews.com/2022/10/emotet-botnet-distributing-self.html

U.S. cybersecurity and intelligence agencies warn of Daixin Team hackers attacking healthcare organizations with ransomware.

Read: https://thehackernews.com/2022/10/cisa-warns-of-daixin-team-hackers.html

SideWinder APT hackers compromised the official website of Pakistan's National Electric Power Regulatory Authority to deliver a new tailored malware called WarHawk.

Read: https://thehackernews.com/2022/10/sidewinder-apt-using-new-warhawk.html

Apple releases a security patch for a new, actively exploited iOS and iPadOS zero-day vulnerability (CVE-2022-42827) that allows malicious apps to execute arbitrary code with the highest privileges.

Read: https://thehackernews.com/2022/10/apple-releases-patch-for-new-actively.html

Hive ransomware hackers have claimed responsibility for the recent cyberattack on Tata Power, and the group has begun leaking stolen data as part of its double extortion scheme.

Read: https://thehackernews.com/2022/10/hive-ransomware-hackers-begin-leaking.html