⚡ New politically-motivated surveillance campaign, dubbed "Paperbug," detected in Tajikistan, targeting government officials, telecom services, and public service infrastructures.

Read details: https://thehackernews.com/2023/04/paperbug-attack-new-politically.html

Google has obtained a court order in the US to disrupt the distribution of the information-stealing malware CryptBot that has infected over 670,000 computers.

Read more about this: https://thehackernews.com/2023/04/google-gets-court-order-to-take-down.html

South Korea's education, construction, diplomatic, and political institutions are under attack by the Tonto Team, a China-aligned threat actor.

Find out how they're using a file related to anti-malware products to execute their attacks: https://thehackernews.com/2023/04/tonto-team-uses-anti-malware-file-to.html

ALERT: A new Magecart campaign is using fake payment screens that are hard to detect and look more authentic than the original pages, in order to capture sensitive data from unsuspecting users.

Read details: https://thehackernews.com/2023/04/attention-online-shoppers-dont-be.html

🔒 Alert: Zyxel releases critical security patches for firewall devices. CVE-2023-28771 could allow remote code execution on affected systems.

Read details: https://thehackernews.com/2023/04/zyxel-firewall-devices-vulnerable-to.html

ATP, USG FLEX, VPN, and ZyWALL/USG devices are impacted.

New analysis reveals the evolution of ViperSoftX infostealer #malware: stronger encryption, anti-analysis techniques, and clever delivery methods.

Read details: https://thehackernews.com/2023/04/vipersoftx-infostealer-adopts.html

Attention Apple users! A new information stealer for macOS has been discovered, called Atomic Stealer, which can steal your Keychain passwords, system information, and even your macOS password.

Read details: https://thehackernews.com/2023/04/new-atomic-macos-stealer-can-steal-your.html

CISA has issued an Industrial Control Systems medical advisory warning of critical vulnerabilities in Illumina's DNA sequencing instruments, including privilege misconfiguration and remote IP address binding.

Read details: https://thehackernews.com/2023/04/cisa-warns-of-critical-flaws-in.html

OpenAI is back in 🇮🇹 Italy!

ChatGPT is now available after meeting data protection requirements.

Read: https://thehackernews.com/2023/04/chatgpt-is-back-in-italy-after.html

🚨 CERT-UA has issued a warning regarding Russian cyber attacks targeting Ukrainian government entities through phishing emails disguised as Windows security updates.

Read: https://thehackernews.com/2023/05/apt28-targets-ukrainian-government.html

🛡️ Google blocked 1.43 Million bad apps in 2022! Security improvements are making a huge difference, but cybercriminals are still finding ways in. Keep an eye out for suspicious apps!

Read details: https://thehackernews.com/2023/05/google-blocks-143-million-malicious.html

Be careful what you click! A Vietnamese threat actor has infected over 500,000 devices worldwide with malware through a 'malverposting' campaign on social media platforms.

Read more: https://thehackernews.com/2023/05/vietnamese-threat-actor-infects-500000.html

An analysis of over 70 billion DNS records has led to the discovery of Decoy Dog, a cohesive and highly unusual toolkit for targeting enterprise networks.

Read details: https://thehackernews.com/2023/05/new-decoy-dog-malware-toolkit-uncovered.html

Heads up, everyone!

CISA has issued an advisory warning of active exploitation of three known vulnerabilities, including CVE-2023-1389 (TP-Link Archer AX-21), CVE-2021-45046 (Apache Log4j2) and CVE-2023-21839 (Oracle WebLogic).

Details: https://thehackernews.com/2023/05/active-exploitation-of-tp-link-apache.html

ScarCruft, the North Korean threat group behind RokRAT malware, has adapted to the blocking of macros by using oversized LNK files.

Learn more about: https://thehackernews.com/2023/05/north-koreas-scarcruft-deploys-rokrat.html

Beware! A new Android surveillanceware called BouldSpy, believed to be linked to the Iranian government, has been spying on over 300 individuals belonging to minority groups, including Iranian Kurds, Baluchis, and Azeris.

Details: https://thehackernews.com/2023/05/bouldspy-android-spyware-iranian.html

🚨 New Windows-based financial trojan LOBSHOT found! TA505 threat actor leverages rogue Google Ads to spread malware.

Learn about its hVNC capabilities and how it stays under the radar: https://thehackernews.com/2023/05/lobshot-stealthy-financial-trojan-and.html

Critical flaw affecting ME RTU remote terminal units!

CISA has issued an advisory about the security vulnerability tracked as CVE-2023-2131, which has received the highest severity rating of 10.0 on the CVSS scoring system.

Details: https://thehackernews.com/2023/05/cisa-issues-advisory-on-critical-rce.html

🚨 Cybersecurity alert! Over 50,000 attempts to exploit a 5-year-old unpatched flaw in TBK digital video recording devices were observed in April.

Learn more about the critical vulnerability and its impact on camera video feeds: https://thehackernews.com/2023/05/hackers-exploiting-5-year-old-unpatched.html

Apple and Google are joining forces to tackle unauthorized tracking on Bluetooth location-tracking devices like AirTags.

https://thehackernews.com/2023/05/apple-and-google-join-forces-to-stop.html

They are working on a draft industry-wide specification that will detect and alert users of any unauthorized tracking.