🔓 Researchers find loophole in Microsoft Entra ID app, granting hackers unauthorized access through an abandoned URL.

Learn how they did it and how to stay safe: https://thehackernews.com/2023/08/experts-uncover-how-cybercriminals.html

⚠️ Heads up: Microsoft warns about a surge in AiTM phishing attacks. Hackers are using smart phishing-as-a-service (PhaaS) platforms to scale up their campaigns and bypass MFA protections.

Read details: https://thehackernews.com/2023/08/phishing-as-service-gets-smarter.html

🚨 Unpatched Citrix systems under attack! Unknown threat actors are exploiting a critical vulnerability (CVE-2023-3519) for #ransomware attacks.

Read details: https://thehackernews.com/2023/08/citrix-netscaler-alert-ransomware.html

New malspam campaign uses DarkGate malware to steal data, mine cryptocurrency, and evade detection.

Watch out for phishing emails with links to malicious MSI or VBScript files.

Read: https://thehackernews.com/2023/08/darkgate-malware-activity-spikes-as.html

DarkGate campaign rents out malware to limited affiliates.

Suspected Chinese hacking group UNC4841 exploited zero-day flaw in Barracuda ESG appliances to target government, military, and tech companies.

Read details: https://thehackernews.com/2023/08/chinese-hacking-group-exploits.html

💪 Operation Duck Hunt: QakBot, a powerful Windows malware, taken down. $8.6 million in crypto seized. It compromised 700k+ computers worldwide.

Read details here: https://thehackernews.com/2023/08/fbi-dismantles-qakbot-malware-frees.html

🚨 Critical Security Alert!

New authentication bypass and file write vulnerabilities found in VMware's Aria Operations Networks that could lead to remote code execution attacks.

Know more about CVE-2023-34039 and CVE-2023-20890: https://thehackernews.com/2023/08/critical-vulnerability-alert-vmware.html

🚨 Urgent: Juniper firewalls, Openfire, and Apache RocketMQ servers are being actively targeted by cybercriminals.

Learn about the vulnerabilities, the ongoing attacks, and their potential impact on your systems.

Read: https://thehackernews.com/2023/08/alert-juniper-firewalls-openfire-and.html

⚠️ Watch out, coders! Malicious npm packages are exploiting post-install hooks to steal source code & secrets.

Learn more: https://thehackernews.com/2023/08/malicious-npm-packages-aim-to-target.html

Defend your brand against content scraping! ChatGPT's scraping abilities are causing concern.

Discover strategies to outsmart AI bots, secure your content, and maintain your web traffic.

Read: https://thehackernews.com/2023/08/how-to-prevent-chatgpt-from-stealing.html

⚠️ Spyware Alert! Malicious versions of Signal & Telegram Android messenger apps found on Google Play and Samsung Galaxy Store, distributing China-linked BadBazaar spyware.

Learn more about it here: https://thehackernews.com/2023/08/china-linked-badbazaar-android-spyware.html

🚨 New Android banking trojan alert!

Meet MMRat: stealthy malware targeting Southeast Asian users. It hijacks devices remotely for financial fraud. Learn how it works.

Read: https://thehackernews.com/2023/08/mmrat-android-trojan-executes-remote.html

⚡ New research uncovers how hackers could cleverly bypass endpoint security by exploiting Windows Container Isolation feature.

Learn how this works: https://thehackernews.com/2023/08/hackers-can-exploit-windows-container.html

Earth Estries, a skilled hacking group, is orchestrating an ongoing campaign targeting government and tech sectors in Philippines, Taiwan, Malaysia, South Africa, Germany, and the U.S.

Learn about the sophisticated tactics behind it: https://thehackernews.com/2023/08/earth-estries-espionage-campaign.html

🚨 New Threat Alert! Researchers uncover 3 more malicious Python packages in PyPI repository under VMConnect campaign. North Korean state-sponsored actors suspected.

Read: https://thehackernews.com/2023/08/north-korean-hackers-deploy-new.html

SapphireStealer, an open-source .NET-based #malware, is used by multiple threat actors for espionage, ransomware, and other cyber attacks.

Learn more: https://thehackernews.com/2023/08/sapphirestealer-malware-gateway-to.html

🚨 Scammers are raking in millions 💰 with the Classiscam scheme! Since 2019, they've pocketed $64.5 million using fake ads and tricks. Find out how these scammers operate and protect yourself from falling victim.

Read details: https://thehackernews.com/2023/09/classiscam-scam-as-service-raked-645.html

Did you know about SuperBear? A recent phishing attack in South Korea exposed this dangerous remote access trojan.

Read how this remote access trojan infiltrates systems: https://thehackernews.com/2023/09/new-superbear-trojan-emerges-in.html

Five Eyes intelligence alliance reveals a Russian state-sponsored actor, Sandworm, behind mobile malware 'Infamous Chisel' targeting Ukrainian military Android devices.

Learn more: https://thehackernews.com/2023/09/russian-state-backed-infamous-chisel.html

Ever wondered how hackers get your credentials? They buy them, steal them, or find them in memory dumps.

Get the scoop on this growing threat and discover how Silverfort Unified Identity Protection can fortify your defenses.

Read: https://thehackernews.com/2023/09/its-zero-day-its-malware-no-its.html