A supply chain attack targeting 3CX has been linked to North Korea's Lazarus Group, with the second-stage implant (Gopuram) specifically singling out a select few cryptocurrency companies.

Learn more: https://thehackernews.com/2023/04/cryptocurrency-companies-targeted-in.html

🔒 Microsoft is taking action against malware abuse in OneNote by automatically blocking embedded files with "dangerous extensions".

Find the full list of 120 extensions here: https://thehackernews.com/2023/04/microsoft-tightens-onenote-security-by.html

🔥 Arid Viper, aka Mantis, linked to Hamas' cyber warfare division, updates its malware toolkit (ViperRat, FrozenCell, Micropsia) targeting Palestinian entities across Windows, Android, & iOS platforms!🛡️💻

Learn more: https://thehackernews.com/2023/04/arid-viper-hacking-group-using-upgraded.html

Beware of the new Rilide malware targeting Chromium-based browsers! This malicious extension steals sensitive data & siphons cryptocurrency while disguised as a legitimate Google Drive add-on.

Learn more: https://thehackernews.com/2023/04/new-rilide-malware-targeting-chromium.html

🚨 Cybersecurity researchers uncover a new, sophisticated 🔐 ransomware strain called Rorschach. With unprecedented speed & unique features, it's raising the bar for future attacks.

Learn more: https://thehackernews.com/2023/04/rorschach-ransomware-emerges-experts.html

🚨 Alert: Typhon Reborn V2, a new version of the information-stealing malware, has emerged with enhanced capabilities to evade detection and resist analysis.

Learn more: https://thehackernews.com/2023/04/typhon-reborn-stealer-malware.html

North Korean-backed threat actor ARCHIPELAGO targets South Korean & US government, military, and policy experts.

Learn more: https://thehackernews.com/2023/04/google-tag-warns-of-north-korean-linked.html

Researchers uncover a new attack technique involving malicious SFX files! These files can hide hidden functionality, enabling persistent backdoor access to victims' systems.

Learn more: https://thehackernews.com/2023/04/hackers-using-self-extracting-archives.html

SEO poisoning in action 🕷️!

Users searching for "WhatsApp Web" are lured to rogue domains hosting the CryptoClippy malware, which steals cryptocurrency by replacing wallet addresses during transactions.

Learn more: https://thehackernews.com/2023/04/cryptoclippy-new-clipper-malware.html

📱Attention, Android app developers! Google announces a new data deletion policy.

It now requires apps to provide users with easy in-app and online account deletion options. Devs must also disclose data retention practices.

Read: https://thehackernews.com/2023/04/google-mandates-android-apps-to-offer.html

An international law enforcement operation named Operation CookieMonster has taken down the notorious Genesis Market, an illegal online marketplace that sold stolen credentials.

Read: https://thehackernews.com/2023/04/fbi-cracks-down-on-genesis-market-119.html

The crackdown involved 17 countries and resulted in 119 arrests.

Supply Chain Attacks & Critical Infrastructure: Understanding the growing threat to a nation's security & economy.

Here's how CISA steps up to protect our digital crown jewels.

Read on👉 https://thehackernews.com/2023/04/supply-chain-attacks-and-critical.html

Telegram becoming a hub for cybercrime! Researchers find threat actors using the platform to sell phishing kits and set up campaigns.

Over 2.5 million malicious URLs generated using phishing kits on Telegram in the past 6 months!

Learn more: https://thehackernews.com/2023/04/researchers-uncover-thriving-phishing.html

Apple releases security updates for iOS, iPadOS, macOS, and Safari to address two zero-day flaws being actively exploited in the wild.

Learn more: https://thehackernews.com/2023/04/apple-releases-updates-to-address-zero.html

Get the latest version now!

Ransomware threat alert! 🔒🚨

U.S. cybersecurity agency has added 5 actively exploited flaws to its CVE catalog, including 3 impacting Veritas Backup Exec Agent software.

Details: https://thehackernews.com/2023/04/cisa-warns-of-5-actively-exploited.html

Apply patches now to secure your network against potential threats.

🔐 Secure your business with Wazuh!

🛡️ This powerful open-source security platform offers threat detection, vulnerability management, compliance, and cloud security!

Discover: https://thehackernews.com/2023/04/protecting-your-business-with-wazuh.html

1 Million+ WordPress Sites Infected💥

Balada Injector malware exploits theme and plugin vulnerabilities to breach sites, steal data, create fake admin accounts, and maintain persistent access.

🔍 Find out more: https://thehackernews.com/2023/04/over-1-million-wordpress-sites-infected.html

Estonian National busted for smuggling U.S. electronics to Russia🔒🇷🇺 , including Metasploit Pro exploitation and hacking tool.

Andrey Shevlyakov faces 20 yrs in prison for evading export restrictions:

Learn more: https://thehackernews.com/2023/04/estonian-national-charged-in-us-for.html

🌐 2023 Cyber Security Trends Revealed!

Learn more: https://thehackernews.com/2023/04/top-10-cybersecurity-trends-for-2023.html

📱 App security
☁️ Cloud security
📲 Mobile security
🏠 IoT
👩‍💻 Remote work
💼 Cyber insurance
🚫 Zero trust & VPNs
🤖 AI
🔍 Attack detection tools
💼 Outsourcing cybersecurity

🚨 Malicious loader apps are being traded on the criminal underground for up to $20,000, used to trojanize Android applications and evade Google Play Store defenses.

🔗 Read More: https://thehackernews.com/2023/04/cybercriminals-turn-to-android-loaders.html