🔓 Urgent: Protect your WordPress site now! Critical security update required for Ninja Forms plugin. Over 800,000 sites at risk from vulnerabilities CVE-2023-37979, CVE-2023-38386, and CVE-2023-38393.

Get the full scoop here: https://thehackernews.com/2023/07/multiple-flaws-found-in-ninja-forms.html

Alert: New Malware campaign!

Beware! Cybercriminals are spreading trojanized software through fake websites. Their goal? Infecting innocent users with the malicious Fruity downloader malware.

Stay informed: https://thehackernews.com/2023/07/fruity-trojan-uses-deceptive-software.html

🚨 Beware of AVRecon botnet! It exploits compromised routers for illegal proxy services.

With 41,000 nodes in 20 countries, it's a major threat to online security.

Discover its connection to the 12-year-old SocksEscort service used by cybercriminals: https://thehackernews.com/2023/07/avrecon-botnet-leveraging-compromised.html

🔒 Cybersecurity Alert - Indian-linked Patchwork hackers strike Chinese universities and research organizations with the notorious EyeShell backdoor!

Read https://thehackernews.com/2023/07/patchwork-hackers-target-chinese.html

P2PInfect peer-to-peer (P2) worm has been observed using previously undocumented methods to gain initial access to vulnerable Redis servers and recruit them into a botnet.

Learn more here ➡️ https://thehackernews.com/2023/07/new-p2pinfect-worm-targets-redis.html

A sophisticated malware loader known as WikiLoader is currently being utilized to target Italian organizations with Ursnif banking trojan and spyware.

Read: https://thehackernews.com/2023/08/cybercriminals-renting-wikiloader-to.html

China-linked cyber threat group APT31 strikes again! Last year, they targeted Eastern European industrial organizations to steal data from air-gapped systems using 15+ implants.

Read more about it here: https://thehackernews.com/2023/08/chinas-apt31-suspected-in-attacks-on.html

New report uncovers Space Pirates, a cybercriminal group attacking 16 organizations in Russia and Serbia. Targets include aerospace, defense, energy, healthcare, and more.

Learn more: https://thehackernews.com/2023/08/researchers-expose-space-pirate-cyber.html

Warning: European banks and customers are currently under attack! The SpyNote Android banking trojan is causing chaos, launching aggressive phishing and smishing campaigns.

Read the full article here: https://thehackernews.com/2023/08/european-bank-customers-targeted-in.html

Beware! There's a Python variant of the NodeStealer malware that is currently hijacking Facebook business accounts and stealing cryptocurrency.

Get all the details here: https://thehackernews.com/2023/08/new-nodestealer-targeting-facebook.html

🚨 Urgent Alert!

Cybersecurity agencies warn of APT hackers exploiting critical zero-day vulnerability (CVE-2023-35078) in Ivanti Endpoint Manager Mobile.

Norwegian entities, including government networks, targeted since April 2023.

Learn more: https://thehackernews.com/2023/08/norwegian-entities-targeted-in-ongoing.html

Obscure Iranian company Cloudzy faces scrutiny!

A recent report has revealed that it is being used by cybercrime groups and nation-state crews as a command-and-control provider, enabling and facilitating illegal operations.

Read details: https://thehackernews.com/2023/08/iranian-company-cloudzy-accused-of.html

Researchers have discovered a sneaky post-exploitation technique in Amazon Web Services (AWS). It appears that the SSM Agent can transform into a remote access trojan on both Windows and Linux systems.

Learn more: https://thehackernews.com/2023/08/researchers-uncover-aws-ssm-agent.html

Cybercriminals on #Telegram cause global cyberattacks and data leaks, hitting the financial, retail, and IT sectors the hardest.

To learn how organizations can protect against illicit activities on Telegram, read this article: https://thehackernews.com/2023/08/top-industries-significantly-impacted.html

Alarming news for industrial control systems: 34% of reported vulnerabilities have no patch or remediation, up from last year's 13%.

Read: https://thehackernews.com/2023/08/industrial-control-systems.html

SynSaber data shows that CISA received reports of 670 ICS product flaws in H1 2023. Among them, 88 were critical and 227 had no available fixes.

Sophisticated Facebook phishing campaign exploiting zero-day flaw in Salesforce email services.

Crafty threat actors create targeted messages using the company's domain.

Click here to learn more about clever tactics: https://thehackernews.com/2023/08/phishers-exploit-salesforces-email.html

BlueCharlie, a Russian adversary assessed to be affiliated with FSB, has resurfaced with 94 new domains.

Learn more: https://thehackernews.com/2023/08/russian-cyber-adversary-bluecharlie.html

This latest development demonstrates their unwavering determination to outsmart cybersecurity researchers.

Attention! A new BYPASS has been discovered for a recently patched vulnerability (CVE-2023-35082 / CVSS 10) in Ivanti Endpoint Manager Mobile (EPMM).

Read: https://thehackernews.com/2023/08/researchers-discover-bypass-for.html

Update immediately to safeguard your data against potential threats.

Microsoft has uncovered the crafty attacks of a Russian threat actor, who cleverly exploits Microsoft Teams chats. Users are deceived with phishing lures, ultimately resulting in stolen credentials.

Read details: https://thehackernews.com/2023/08/microsoft-exposes-russian-hackers.html

The enigmatic Team Bangladesh, a group of hacktivists, has carried out over 750 DDoS attacks and defaced 78 websites.

Their main focus? Logistics, government, and financial organizations in India and Israel.

Read details: https://thehackernews.com/2023/08/mysterious-team-bangladesh-targeting.html