🚨 Packagist, the PHP package repository, suffered a security incident where an attacker gained access to four inactive accounts and hijacked over a dozen packages with 500 million installs.

Read details: https://thehackernews.com/2023/05/packagist-repository-hacked-over-dozen.html

⚠️ North Korean hackers Kimsuky using new ReconShark reconnaissance tool to target individuals via spear-phishing emails, OneDrive links & malicious macros.

Read more about "ReconShark" tool here: https://thehackernews.com/2023/05/n-korean-kimsuky-hackers-using-new.html

Italian corporate banking clients are under attack by a sophisticated financial fraud campaign that uses a new web-inject toolkit called drIBAN.

Learn how it works: https://thehackernews.com/2023/05/hackers-targeting-italian-corporate.html

🚨 Alert: East Asian markets hit by a new Android malware named FluHorse. It abuses the Flutter software development framework to mimic legitimate apps and steal credentials.

Learn more about it here: https://thehackernews.com/2023/05/new-android-malware-fluhorse-targeting.html

If you're using the Advanced Custom Fields plugin for WordPress, make sure to update to version 6.1.6 as soon as possible!

A security flaw (CVE-2023-30777) has been discovered that could allow for reflected cross-site scripting attacks.

https://thehackernews.com/2023/05/new-vulnerability-in-popular-wordpress.html

Dragon Breath APT group has added another layer of complexity to its attacks.

Learn how they use the double-clean-app technique to sideload malicious DLLs and target the online gaming and gambling industries: https://thehackernews.com/2023/05/dragon-breath-apt-group-using-double.html

Ukraine's CERT-UA warns of RoarBAT wiper malware causing destructive attacks on state organizations, and invoice-themed phishing campaigns spreading SmokeLoader malware.

Learn more: https://thehackernews.com/2023/05/cert-ua-warns-of-smokeloader-and.html

Action RAT and AllaKore RAT are the latest strains of malware deployed by SideCopy to carry out spear-phishing email attacks using #Indian government and defense-related social engineering lures.

Read latest report: https://thehackernews.com/2023/05/sidecopy-using-action-rat-and-allakore.html

Digital storage giant Western Digital confirms the theft of personal information of its online store customers.
Ransomware hackers demanded a "minimum 8 figures" ransom to avoid leaking the information.

Read details: https://thehackernews.com/2023/05/western-digital-confirms-customer-data.html

Recent ransomware attack on MSI has taken a new turn as hackers have leaked the company's private code signing keys on the #DarkWeb, including Intel Boot Guard used on 116 MSI products.

Learn more: https://thehackernews.com/2023/05/msi-data-breach-private-code-signing.html

The impact could be felt across the ecosystem.

🔥 WEBINAR — Lateral movement and ransomware spread are critical risks facing organizations today. Join our webinar to learn how real-time MFA and service account protection can help you defeat these types of attacks.

Register now: https://thehackernews.com/2023/05/join-our-webinar-learn-how-to-defeat.html

Heads up! CACTUS, a new ransomware strain, is targeting large commercial entities by exploiting known vulnerabilities in VPN appliances and employing double extortion tactics.

Read details: https://thehackernews.com/2023/05/new-ransomware-strain-cactus-exploits.html

🔒🚨 Heads up: Iranian state-sponsored hackers join financially motivated actors in exploiting a critical flaw (CVE-2023-27350) in PaperCut print management software to achieve initial access to vulnerable servers.

Read details here: https://thehackernews.com/2023/05/microsoft-warns-of-state-sponsored.html

SideWinder is back with a new trick up its sleeve. Using server-based polymorphism, this APT actor potentially sidesteps traditional signature-based antivirus detection and distributes additional payloads.

Learn details: https://thehackernews.com/2023/05/researchers-uncover-sidewinders-latest.html

Operation ChattyGoblin — A China-aligned threat actor is targeting Southeast Asian gambling companies in a campaign that's been ongoing since Oct 2021; and using chat apps as their tactic to drop malware.

https://thehackernews.com/2023/05/operation-chattygoblin-hackers.html

U.S. authorities just took down 13 sites offering DDoS-for-hire services.👊

Plus, a $10 MILLION bounty is being offered for the capture of a Russian national who was involved in creating an illegal credit card-checking platform.

Read: https://thehackernews.com/2023/05/us-authorities-seize-13-domains.html

🔒 Microsoft's May 2023 Patch Tuesday includes fixes for 38 security vulnerabilities, including a zero-day bug under active exploitation.

The bug (CVE-2023-29336) can grant SYSTEM privileges to attackers.

Details: https://thehackernews.com/2023/05/microsofts-may-patch-tuesday-fixes-38.html

U.S. government has disrupted a global network compromised by Snake, an advanced malware strain wielded by Russia's Federal Security Service (FSB), one of the most sophisticated cyber espionage tools ever developed.

Read details: https://thehackernews.com/2023/05/us-government-neutralizes-russias-most.html

The 23-year-old responsible for the 2020 Twitter hack, which compromised 130 high-profile accounts (including those of Bill Gates & Elon Musk) and defrauded users of $120,000, has pleaded guilty and could face up to 70 years in prison.

Read: https://thehackernews.com/2023/05/mastermind-behind-twitter-2020-hack.html

New malware alert! DownEx is targeting Central Asian government organizations in a sophisticated espionage campaign.

Learn more about it: https://thehackernews.com/2023/05/sophisticated-downex-malware-campaign.html