🚨 Urgent alert! Critical zero-day flaw (CVE-2023-2868) exploited for 7 months!

Backdoor access, data exfiltration, and 3 potent malware strains discovered targeting Barracuda's Email Security Gateways.

Learn more: https://thehackernews.com/2023/05/alert-hackers-exploit-barracuda-email.html

Fake software, real danger! RomCom RAT hackers are deploying fake websites to sneak into unsuspecting targets' systems.

Discover more about the tactics behind this threat: https://thehackernews.com/2023/05/romcom-rat-using-deceptive-web-of-rogue.html

Dark Pink APT group strikes again! Five new attacks reported in Belgium, Brunei, Indonesia, Thailand, and Vietnam

Learn how their custom malware, spear-phishing emails, and advanced persistence mechanisms pose an ongoing risk.

Read: https://thehackernews.com/2023/05/dark-pink-apt-group-leverages.html

💻🔒 Microsoft reveals details of a critical Apple macOS vulnerability, dubbed 'Migraine.' From SIP bypass to rootkit installation, this flaw had serious implications.

Read the full story: https://thehackernews.com/2023/05/microsoft-details-critical-apple-macos.html

🚨 Researchers expose backdoor-like behavior in Gigabyte systems, allowing unsecure Windows executable downloads through UEFI firmware. Millions of devices impacted.

Learn more: https://thehackernews.com/2023/05/critical-firmware-vulnerability-in.html

⚠️ Apache NiFi servers at risk! A financially motivated threat actor is targeting unprotected instances, hijacking them to mine cryptocurrencies and move laterally.

Read details: https://thehackernews.com/2023/05/cybercriminals-targeting-apache-nifi.html

⚠️ If you're using the Jetpack plugin, listen up! A critical flaw has been discovered, leaving your WordPress site vulnerable to attacks.

Good news: WordPress has issued an automatic update to address the issue.

Read details: https://thehackernews.com/2023/06/urgent-wordpress-update-fixes-critical.html

U.S. Cybersecurity Agency raises alarm over critical flaw in Zyxel gear! Active exploitation detected. Learn more about the CVE-2023-28771 vulnerability and its potential risks.

Read: https://thehackernews.com/2023/06/active-mirai-botnet-variant-exploiting.html

⚠️ Unmasking ScarCruft's secret weapon! Discover the covert operations of this North Korean state-sponsored group as they employ the powerful RokRAT trojan to breach systems and maintain control.

Read full story here: https://thehackernews.com/2023/06/n-korean-scarcruft-hackers-exploit.html

😼 Sneakier & faster!

New improved BlackCat ransomware variant Sphynx sharpening claws on evasion techniques & encryption.

Find out more: https://thehackernews.com/2023/06/improved-blackcat-ransomware-strikes.html

Minimize your attack surface with good IT hygiene!

Wazuh - a powerful, free, open-source platform, specifically designed to bolster your IT hygiene and fortify cybersecurity defenses.

Get an insider look here: https://thehackernews.com/2023/06/how-wazuh-improves-it-hygiene-for-cyber.html

🐍💻 Python Package Index hit by a novel cyberattack!

Cybercriminals sidestepping security with compiled Python bytecode (PYC) files - a first in supply chain attacks.

Learn more here: https://thehackernews.com/2023/06/malicious-pypi-packages-using-compiled.html

Unmasking the e-Crime Mastermind: Vietnamese suspect linked to notorious XE Group unveiled!

Learn more about their illicit cyber activities 👉 https://thehackernews.com/2023/06/unmasking-xe-group-experts-reveal.html

🚨 Beware, iOS users! A new sophisticated and long-running mobile spywre campaign dubbed "Operation Triangulation" is targeting iPhones.

Hackers using stealthy, zero-click iMessage exploits to deploy root-level #malware.

More details here: https://thehackernews.com/2023/06/new-zero-click-hack-targets-ios-users.html

New study reveals QBot's sophisticated tactics, hiding its ever-changing C&C infrastructure in residential IPs with 25% of servers active for just a day, effectively eluding cyber defenses.

Learn more: https://thehackernews.com/2023/06/evasive-qbot-malware-leverages-short.html

⚠️Alert: A critical flaw in Progress Software's MOVEit Transfer file transfer app is being exploited in the wild! An SQL injection vulnerability allows unauthorized access and escalated privileges.

Learn more: https://thehackernews.com/2023/06/moveit-transfer-under-attack-zero-day.html

Don't wait, patch your systems now!

North Korea's Kimsuky group, a.k.a APT43, wields spear-phishing campaigns and is leveraging social engineering to compromise high-value targets. Your inbox could be the next battlefield.

Stay informed: https://thehackernews.com/2023/06/north-koreas-kimsuky-group-mimics-key.html

🐉 Beware of TinyNote backdoor! Camaro Dragon's latest cyber weapon that bypasses antivirus, uses persistence tactics and multiple server communication methods.

Learn more: https://thehackernews.com/2023/06/camaro-dragon-strikes-with-new-tinynote.html

Heads up, Latin America! A powerful botnet named Horabot is targeting Outlook users with phishing emails, compromising their accounts and spreading phishing emails.

Learn more: https://thehackernews.com/2023/06/new-botnet-malware-horabot-targets.html

Amazon slapped with a $30.8 million fine by the FTC over privacy lapses involving Alexa and Ring. This includes breaching children's privacy laws and granting employees access to private videos.

Read details: https://thehackernews.com/2023/06/ftc-slams-amazon-with-308m-fine-for.html