Chinese state-sponsored hacking outfit Earth Longzhi, a subgroup within APT41, has launched a new hacking campaign targeting government, healthcare, tech & manufacturing entities in Taiwan, Thailand, the Philippines, and Fiji.

Details: https://thehackernews.com/2023/05/chinese-hacker-group-earth-longzhi.html

Google is rolling out Passkeys across all platforms, making it a passwordless solution for Google Accounts.

Learn how it works: https://thehackernews.com/2023/05/google-introduces-passwordless-secure.html

Passkeys, backed by the FIDO Alliance, are more secure than passwords and resistant to online attacks such as phishing.

🤖 Facebook has taken action against malicious campaigns leveraging popular topics like ChatGPT, Google BERT, and TikTok marketing tools as a lure to trick users into downloading malware.

Details: https://thehackernews.com/2023/05/meta-takes-down-malware-campaign-that.html

Stay cautious and avoid clicking on suspicious links!

Meta, the parent company of Facebook and Instagram, has taken down several cyber espionage campaigns that targeted South Asia through coordinated inauthentic behavior on social media platforms.

Read more to learn about it: https://thehackernews.com/2023/05/meta-uncovers-massive-social-media.html

🔥 Researchers have developed a new PoC exploit for a critical PaperCut server vulnerability that can bypass all current detections, allowing attackers to execute arbitrary code with SYSTEM privileges.

Learn details here: https://thehackernews.com/2023/05/researchers-uncover-new-exploit-for.html

🚨 Three new security flaws discovered in Microsoft Azure API Management service that could expose sensitive information and compromise backend services.

Learn more about these vulnerabilities: https://thehackernews.com/2023/05/researchers-discover-3-vulnerabilities.html

Beware Android users! A new subscription #malware named Fleckpe has been discovered on Google Play Store. The #malware was disguised as photo editing apps, camera, and wallpaper packs, amassing over 620,000 downloads since 2022.

https://thehackernews.com/2023/05/fleckpe-android-malware-sneaks-onto.html

Cisco has warned of a critical vulnerability (CVE-2023-20126) in SPA112 2-Port Phone Adapters that could allow remote attackers to execute arbitrary code.

Learn more: https://thehackernews.com/2023/05/cisco-warns-of-vulnerability-in-popular.html

Upgrade now to protect your devices!

🚨 Packagist, the PHP package repository, suffered a security incident where an attacker gained access to four inactive accounts and hijacked over a dozen packages with 500 million installs.

Read details: https://thehackernews.com/2023/05/packagist-repository-hacked-over-dozen.html

⚠️ North Korean hackers Kimsuky using new ReconShark reconnaissance tool to target individuals via spear-phishing emails, OneDrive links & malicious macros.

Read more about "ReconShark" tool here: https://thehackernews.com/2023/05/n-korean-kimsuky-hackers-using-new.html

Italian corporate banking clients are under attack by a sophisticated financial fraud campaign that uses a new web-inject toolkit called drIBAN.

Learn how it works: https://thehackernews.com/2023/05/hackers-targeting-italian-corporate.html

🚨 Alert: East Asian markets hit by a new Android malware named FluHorse. It abuses the Flutter software development framework to mimic legitimate apps and steal credentials.

Learn more about it here: https://thehackernews.com/2023/05/new-android-malware-fluhorse-targeting.html

If you're using the Advanced Custom Fields plugin for WordPress, make sure to update to version 6.1.6 as soon as possible!

A security flaw (CVE-2023-30777) has been discovered that could allow for reflected cross-site scripting attacks.

https://thehackernews.com/2023/05/new-vulnerability-in-popular-wordpress.html

Dragon Breath APT group has added another layer of complexity to its attacks.

Learn how they use the double-clean-app technique to sideload malicious DLLs and target the online gaming and gambling industries: https://thehackernews.com/2023/05/dragon-breath-apt-group-using-double.html

Ukraine's CERT-UA warns of RoarBAT wiper malware causing destructive attacks on state organizations, and invoice-themed phishing campaigns spreading SmokeLoader malware.

Learn more: https://thehackernews.com/2023/05/cert-ua-warns-of-smokeloader-and.html

Action RAT and AllaKore RAT are the latest strains of malware deployed by SideCopy to carry out spear-phishing email attacks using #Indian government and defense-related social engineering lures.

Read latest report: https://thehackernews.com/2023/05/sidecopy-using-action-rat-and-allakore.html

Digital storage giant Western Digital confirms the theft of personal information of its online store customers.
Ransomware hackers demanded a "minimum 8 figures" ransom to avoid leaking the information.

Read details: https://thehackernews.com/2023/05/western-digital-confirms-customer-data.html

Recent ransomware attack on MSI has taken a new turn as hackers have leaked the company's private code signing keys on the #DarkWeb, including Intel Boot Guard used on 116 MSI products.

Learn more: https://thehackernews.com/2023/05/msi-data-breach-private-code-signing.html

The impact could be felt across the ecosystem.

🔥 WEBINAR — Lateral movement and ransomware spread are critical risks facing organizations today. Join our webinar to learn how real-time MFA and service account protection can help you defeat these types of attacks.

Register now: https://thehackernews.com/2023/05/join-our-webinar-learn-how-to-defeat.html

Heads up! CACTUS, a new ransomware strain, is targeting large commercial entities by exploiting known vulnerabilities in VPN appliances and employing double extortion tactics.

Read details: https://thehackernews.com/2023/05/new-ransomware-strain-cactus-exploits.html