PlugX remote access trojan has been caught disguising itself as a legitimate open source Windows debugger tool called "x64dbg" to gain control of target systems.

Read details: https://thehackernews.com/2023/02/plugx-trojan-disguised-as-legitimate.html

Dutch police arrest three hackers in connection with a large-scale criminal operation involving data theft, extortion, and money laundering operation.

Read: https://thehackernews.com/2023/02/dutch-police-arrest-3-hackers-involved.html

Government entities in Asia-Pacific and North America are being targeted with an off-the-shelf malware downloader known as PureCrypter, which delivers information stealers and #ransomware.

Learn more: https://thehackernews.com/2023/02/purecrypter-malware-targets-government.html

A new ChromeLoader malware campaign is being distributed via virtual hard disk (VHD) files, marked as hacks or cracks for Nintendo and Steam games.

Learn more: https://thehackernews.com/2023/02/chromeloader-malware-targeting-gamers.html

🚨 Researchers have uncovered crucial insights into the inner workings of RIG Exploit Kit and its administrators.

Learn more: https://thehackernews.com/2023/02/researchers-share-new-insights-into-rig.html

PRODAFT team has acquired vital information on infrastructure, malware distribution, and targeting techniques.

🚨 Alert: LastPass has revealed a second attack that compromised encrypted password vaults.

It was a result of a keylogger on a DevOps engineer's home PC, info from a third-party data breach, and a vulnerability in a third-party software package.

https://thehackernews.com/2023/02/lastpass-reveals-second-attack.html

CISA has added a high-severity flaw affecting the open source ZK Java Web Framework to its KEV catalog based on evidence of active exploitation.

Learn more: https://thehackernews.com/2023/02/cisa-issues-warning-on-active.html

Blind Eagle, a notorious hacker group, has launched a new campaign targeting key industries (health, finance, law enforcement, immigration & peace organizations) in Colombia, Ecuador, Chile, and Spain.

Read: https://thehackernews.com/2023/02/apt-c-36-strikes-again-blind-eagle.html

⚡New post-exploitation framework called EXFILTRATOR-22 (also known as EX-22) has been discovered in the wild, allowing hackers to stealthily deploy ransomware within enterprise networks.

Learn more: https://thehackernews.com/2023/02/new-ex-22-tool-empowers-hackers-with.html

Bitdefender has released a free decryptor for MortalKombat, a new ransomware strain based on the Xorist malware that emerged in January 2023.

Learn more: https://thehackernews.com/2023/02/bitdefender-releases-free-decryptor-for.html

Cybercriminals are using Parallax RAT to target cryptocurrency companies, giving them the ability to record keystrokes, take screenshots, and upload and download files remotely.

Learn more: https://thehackernews.com/2023/03/parallax-rat-targeting-cryptocurrency.html

Google has announced the general availability of client-side encryption (CSE) for Gmail and Calendar.

This feature enables organizations to have greater control over who can access their data, while users can now send and receive encrypted emails and create encrypted meeting events for added security.

Learn more: https://thehackernews.com/2023/03/gmail-and-google-calendar-now-support.html

🚨 Attention Windows 11 users: ESET warns of a new, powerful UEFI bootkit malware called "BlackLotus" that can bypass Secure Boot protection on your devices.

Learn more: https://thehackernews.com/2023/03/blacklotus-becomes-first-uefi-bootkit.html

Watch out, law firms! Researchers have identified a cyber attack campaign targeting law firms using GootLoader and FakeUpdates malware.

Learn more about how hackers are compromising WordPress websites to distribute malware here: https://thehackernews.com/2023/03/cybercriminals-targeting-law-firms-with.html

Cisco has just released a security update to fix a critical vulnerability (CVE-2023-20078) in its IP Phone 6800, 7800, 7900, and 8800 Series products.

Learn more: https://thehackernews.com/2023/03/critical-flaw-in-cisco-ip-phone-series.html

Lucky Mouse hackers strike again with a new Linux version of SysUpdate malware toolkit that can now bypass security measures and evade reverse engineering.

Learn more: https://thehackernews.com/2023/03/sysupdate-malware-strikes-again-with.html

A malicious Python package has been found on PyPI containing a fully-featured information stealer and remote access trojan.

Learn more: https://thehackernews.com/2023/03/experts-identify-fully-featured-info.html

Watch out! A new cryptojacking scheme is in town, preying on poorly configured Redis database servers and using the trusted file transfer service transfer[.]sh to sneak in their malicious payloads.

Learn more: https://thehackernews.com/2023/03/new-cryptojacking-campaign-leverages.html

Beware of SCARLETEEL!

The latest cyber attack 🔒👨‍💻 targeting containerized 💻 environments to steal proprietary data and software but using crypto-miner malware to distract defenders.

Learn more: https://thehackernews.com/2023/03/hackers-exploit-containerized.html

China-based hackers Mustang Panda are using a new custom backdoor called MQsTTang in their latest social engineering campaign against European entities.

Learn more: https://thehackernews.com/2023/03/chinese-hackers-targeting-european.html