Researchers warn of Nitrogen, a malvertising campaign infecting enterprise networks via Google Search and Bing ads. Targets users seeking IT tools like AnyDesk, Cisco AnyConnect VPN, and WinSCP.

Read details: https://thehackernews.com/2023/07/new-malvertising-campaign-distributing.html#cybersecurity

Measure, Improve, and Automate! Unlock the true potential of shift-left and learn how it empowers your teams, aligns goals, measures progress, and democratizes security knowledge.

Read: https://thehackernews.com/2023/07/the-4-keys-to-building-cloud-security.html

🚨 Heads up, Ubuntu users!

Researchers have discovered high-severity Linux flaws in the Ubuntu kernel, affecting 40% of users!

Learn about GameOver(lay) vulnerabilities CVE-2023-32629 and CVE-2023-2640: https://thehackernews.com/2023/07/gameoverlay-two-severe-linux.html

Beware the IDOR Flaw!

Cybersecurity agencies in Australia and the U.S. have issued a joint advisory warning about IDOR security flaws in web apps that can lead to data breaches.

Learn more about it here: https://thehackernews.com/2023/07/cybersecurity-agencies-warn-against.html

Over 5,000 instances are vulnerable to potential attacks!

Metabase users, pay attention! An "extremely severe" flaw [CVE-2023-38646] has been discovered in the popular BI & data visualization software.

Find details here: https://thehackernews.com/2023/07/major-security-flaw-discovered-in.html

Russian hacker group BlueBravo strikes again!

New backdoor "GraphicalProton" used to target diplomatic entities in Eastern Europe.

Read details: https://thehackernews.com/2023/07/bluebravo-deploys-graphicalproton.html

Malicious actors are exploiting a legitimate Windows search feature to download arbitrary payloads and compromise systems with RATs like AsyncRAT and Remcos RAT.

Learn more about this novel attack technique: https://thehackernews.com/2023/07/hackers-abusing-windows-search-feature.html

Security Research team at Checkmarx found an attack scenario affecting major car manufacturers like Porsche.

Read on to learn how it could lead to data exfiltration: https://thehackernews.com/2023/07/a-data-exfiltration-attack-scenario.html

💻 Korean-speaking individuals are under attack by STARK#MULE. Hackers are using U.S. Military-themed document lures to spread malware and compromise systems.

Learn more: https://thehackernews.com/2023/07/starkmule-targets-koreans-with-us.html

New Threat Alert!

Latest findings reveal that the IcedID malware is getting even more dangerous with updates to its BackConnect module for post-compromise activity on hacked systems.

Learn more: https://thehackernews.com/2023/07/icedid-malware-adapts-and-expands.html

📢 Attention admins!

Ivanti discloses another flaw (CVE-2023-35081) in Endpoint Manager Mobile (EPMM) that is being exploited by malicious actors to gain sensitive info & execute OS commands.

Read: https://thehackernews.com/2023/07/ivanti-warns-of-another-endpoint.html

Update to the latest version now.

🚨 Threat Alert!

U.S. cybersecurity agency CISA has revealed details of "SUBMARINE," a novel persistent backdoor deployed in the Barracuda Email Security Gateway (ESG) hack.

Learn more about this here: https://thehackernews.com/2023/07/hackers-deploy-submarine-backdoor-in.html

🚨 Important News for App Developers!

Apple announces a crucial update requiring developers to provide reasons for using certain APIs in their apps, promoting responsible data collection and preventing tracking.

Read details: https://thehackernews.com/2023/07/apple-sets-new-rules-for-developers-to.html

Beware of CherryBlos, a new Android malware targeting cryptocurrency wallets.

🚨 This clever malware uses OCR to extract info from images and swap wallet addresses.

Learn more: https://thehackernews.com/2023/07/new-android-malware-cherryblos.html

Stay alert!

🔓 Urgent: Protect your WordPress site now! Critical security update required for Ninja Forms plugin. Over 800,000 sites at risk from vulnerabilities CVE-2023-37979, CVE-2023-38386, and CVE-2023-38393.

Get the full scoop here: https://thehackernews.com/2023/07/multiple-flaws-found-in-ninja-forms.html

Alert: New Malware campaign!

Beware! Cybercriminals are spreading trojanized software through fake websites. Their goal? Infecting innocent users with the malicious Fruity downloader malware.

Stay informed: https://thehackernews.com/2023/07/fruity-trojan-uses-deceptive-software.html

🚨 Beware of AVRecon botnet! It exploits compromised routers for illegal proxy services.

With 41,000 nodes in 20 countries, it's a major threat to online security.

Discover its connection to the 12-year-old SocksEscort service used by cybercriminals: https://thehackernews.com/2023/07/avrecon-botnet-leveraging-compromised.html

🔒 Cybersecurity Alert - Indian-linked Patchwork hackers strike Chinese universities and research organizations with the notorious EyeShell backdoor!

Read https://thehackernews.com/2023/07/patchwork-hackers-target-chinese.html

P2PInfect peer-to-peer (P2) worm has been observed using previously undocumented methods to gain initial access to vulnerable Redis servers and recruit them into a botnet.

Learn more here ➡️ https://thehackernews.com/2023/07/new-p2pinfect-worm-targets-redis.html

A sophisticated malware loader known as WikiLoader is currently being utilized to target Italian organizations with Ursnif banking trojan and spyware.

Read: https://thehackernews.com/2023/08/cybercriminals-renting-wikiloader-to.html