💥 Busted! "Pompompurin" unmasked! New York man arrested for running notorious BreachForums hacking site.

Learn more: https://thehackernews.com/2023/03/pompompurin-unmasked-infamous.html

🕷️ Mummy Spider, Gold Crestwood, TA542... whatever you call it, Emotet is back!

⚠️Now hiding in Microsoft OneNote email attachments to bypass macro-based security restrictions and compromise systems.

Learn more: https://thehackernews.com/2023/03/emotet-rises-again-evades-macro.html

🚨CatB ransomware operation utilizes DLL search order hijacking to evade detection and launch payloads.

Learn more: https://thehackernews.com/2023/03/researchers-shed-light-on-catb.html

🚨 Cybersecurity Alert: Mispadu banking trojan targets Latin American countries, compromising legit websites and stealing credentials. Attackers' misconfiguration exposes 8 out of 20 Command & Control Servers, revealing over 90,000 stolen credentials from 17.5K unique websites across all sectors.

Learn more: https://thehackernews.com/2023/03/mispadu-banking-trojan-targets-latin.html

Heads up! dotRunpeX is a new malware injector that distributes various known malware families via phishing emails and malicious Google Ads.

Learn more: https://thehackernews.com/2023/03/new-dotrunpex-malware-delivers-multiple.html

💸 Over $1.6 million in cryptocurrency stolen from hot wallets due to a zero-day security flaw in General Bytes' ATM software.

Learn more: https://thehackernews.com/2023/03/hackers-steal-over-16-million-in-crypto.html

55 zero-day vulnerabilities exploited in 2022, with Microsoft, Google, and Apple software the most targeted!

Though lower than 81 in 2021, still a significant uptick in recent years.

Learn more: https://thehackernews.com/2023/03/from-ransomware-to-cyber-espionage-55.html

⚠️ Beware of ShellBot malware! Weak SSH credentials on #Linux servers are being exploited in a new campaign. ShellBot can perform DDoS attacks & exfiltrate data.

Learn more: https://thehackernews.com/2023/03/new-shellbot-ddos-malware-targeting.html

⚡️ New "Bad Magic" activity cluster targeting gov't, agriculture & transportation orgs in Donetsk, Lugansk & Crimea amid ongoing Russia-Ukraine conflict using a new modular framework, "CommonMagic."

Learn more: https://thehackernews.com/2023/03/new-bad-magic-cyber-threat-disrupt.html

BreachForums has been officially taken down, but the administrator promises "it's not the end."

Learn more: https://thehackernews.com/2023/03/breachforums-administrator-baphomet.html

Speculations arise that law enforcement may have obtained access to the site's configurations and user information.

New malware alert!

REF2924, a threat group targeting entities in South and Southeast Asia, has been spotted deploying NAPLISTENER - an HTTP listener designed to evade network-based detection.

Learn more: https://thehackernews.com/2023/03/new-naplistener-malware-used-by-ref2924.html

🚨 NuGet Repository under attack! New malicious campaign aims to infect DotNET developer systems with cryptocurrency stealer malware.

Learn more: https://thehackernews.com/2023/03/rogue-nuget-packages-infect-net.html

Beware of 13 rogue packages downloaded 160k+ times in the past month.

⚠️ CISA warns of critical flaws in Industrial Control Systems from Keysight, Delta Electronics, Siemens, VISAM, Rockwell Automation, and Hitachi Energy.

Learn more: https://thehackernews.com/2023/03/cisa-alerts-on-critical-security.html

Update your software ASAP to avoid potential security breaches!

💻 Chinese state-sponsored 🕵️‍♂️ threat actors infiltrate Microsoft Exchange servers in new wave of cyber attacks on Middle East telecoms.

Learn more: https://thehackernews.com/2023/03/operation-soft-cell-chinese-hackers.html

Researchers find a custom variant of Mimikatz, called mim221, with new anti-detection features.

🚨 German and South Korean intel agencies warn of Kimsuky cyberattacks targeting Gmail inboxes via malicious browser extensions.

The group has also extended its attacks to Android malware strains such as FastFire, FastSpy, and RambleOn.

Read: https://thehackernews.com/2023/03/german-and-south-korean-agencies-warn.html

🔥 Heads up! New Nexus Android banking trojan is here, targeting 450 financial apps & crypto services.

It can even read 2FA codes from SMS & Google Authenticator by exploiting Android's accessibility services.

Learn more: https://thehackernews.com/2023/03/nexus-new-rising-android-banking-trojan.html

⚠️Chinese nation-state groups are getting better at bypassing security!

Learn more: https://thehackernews.com/2023/03/researchers-uncover-chinese-nation.html

They are now using TONEINS, TONESHELL, and PUBLOAD malware for more effective infiltration, as well as HIUPAN and ACNSHELL for reverse shell.

Don't let third-party app access put your company's data at risk!

Join our upcoming webinar to learn about the potential dangers and get expert insights on how to keep your SaaS apps secure.

Learn from the experts - register today: https://thn.news/risk-of-3rd-party-saas-apps

🐍 Python developers, beware! Malicious package on PyPI uses Unicode to evade detection and deploy info-stealing malware!

📢 Learn more: https://thehackernews.com/2023/03/malicious-python-package-uses-unicode.html

GitHub replaces RSA SSH host key after brief exposure in public repository to prevent any bad actor from impersonating the service or eavesdropping on users' operations over SSH.

Learn more: https://thehackernews.com/2023/03/github-swiftly-replaces-exposed-rsa-ssh.html