Around 12,000 Juniper firewall devices exposed online are vulnerable to a recently disclosed flaw (CVE-2023-36845). This flaw enables unauthenticated code execution without file creation.

Read details: https://thehackernews.com/2023/09/over-12000-juniper-firewalls-found.html

Earth Lusca, a China-linked group, is using a stealthy Linux backdoor called SprySOCKS to target government entities worldwide.

Learn how they operate: https://thehackernews.com/2023/09/earth-luscas-new-sprysocks-linux.html

🚨 Data Security Alert! Did you know 6% of employees paste sensitive data into AI apps weekly? Learn how to prevent data leakage in this upcoming webinar.

Read: https://thehackernews.com/2023/09/live-webinar-overcoming-generative-ai.html

Researchers warn of a new sophisticated campaign, Operation Rusty Flag, deploying Rust-based malware in Azerbaijan.

Learn how this advanced attack works: https://thehackernews.com/2023/09/operation-rusty-flag-azerbaijan.html

Telecom providers in the Middle East face a stealthy cyber threat called ShroudedSnooper. It uses HTTPSnoop to exploit Windows HTTP kernel drivers.

Learn more: https://thehackernews.com/2023/09/shroudedsnoopers-httpsnoop-backdoor.html

👨🏻‍💻👾 WEBINAR ➤ Discover the power of SSPM + ITDR synergy, learn to detect and neutralize hidden SaaS security threats.

Reserve your spot now: https://thehacker.news/itdr-saas

XWorm, a persistent remote access trojan, has been evolving since 2022. Researchers at AnyRun uncovered its inner workings, including evasion tactics, sandbox detection, and persistence methods.

Learn more: https://thehackernews.com/2023/09/inside-code-of-new-xworm-variant.html

Trend Micro releases patches for critical security flaw, CVE-2023-41179, actively exploited in real-world attacks on Apex One and Worry-Free Business Security solutions for Windows.

Read details: https://thehackernews.com/2023/09/trend-micro-releases-urgent-fix-for.html

🚨 Critical Security Alert! GitLab issues patches for CVE-2023-5009, a flaw allowing attackers to run pipelines as other users.

Protect your code—update now: https://thehackernews.com/2023/09/gitlab-releases-urgent-security-patches.html

🛡️ Signal messaging app's latest update adds a quantum-resistant shield. Learn how the PQXDH protocol boosts encryption against future quantum threats.

Details here: https://thehackernews.com/2023/09/signal-messenger-introduces-pqxdh.html

🚨 Alert: Chinese-language speakers under attack!

Multiple email phishing campaigns are distributing dangerous malware, including ValleyRAT.

Read: http://thehackernews.com/2023/09/sophisticated-phishing-campaign_20.html

Beware of npm imposters! 14 fraudulent packages found in the registry, posing as legit tools. They aim to steal your Kubernetes configs and SSH keys.

Read: https://thehackernews.com/2023/09/fresh-wave-of-malicious-npm-packages.html

Attention IT admins! Update Nagios XI to version 5.11.2 now. The network monitoring software has patched four critical security flaws (CVE-2023-40931 to CVE-2023-40934), protecting against privilege escalation and information disclosure.

Read: https://thehackernews.com/2023/09/critical-security-flaws-exposed-in.html

🚨 Beware of Fake Exploits! A malicious actor tried to trick users with a fake WinRAR PoC exploit on GitHub, aiming to infect them with VenomRAT malware.

Learn more: https://thehackernews.com/2023/09/beware-fake-exploit-for-winrar.html

⚠️ Attention Linux users who downloaded the "Free Download Manager" software between 2020 and 2022:

Its website was breached in 2020, and a Ukrainian hacker group distributed malware.

Learn about the incident: https://thehackernews.com/2023/09/ukrainian-hacker-suspected-to-be-behind.html

Gold Melody, the financially motivated cybercrime group, is selling access to compromised organizations for ransomware attacks.

Researchers have revealed their tactics and targets: https://thehackernews.com/2023/09/cyber-group-gold-melody-selling.html

🚨 China's Ministry of State Security accuses the U.S. of cyber espionage against Huawei servers since 2009.

Read: https://thehackernews.com/2023/09/china-accuses-us-of-decade-long-cyber.html

🚨 P2PInfect Worm Alert : P2PInfect malware activity skyrockets 600x in a week. Researchers shed light on its rapid growth and evolving tactics.

Read: https://thehackernews.com/2023/09/researchers-raise-red-flag-on-p2pinfect.html

Sandman, a new cyber threat actor, is targeting telecom providers across continents. Read more about this cyber espionage campaign.

Read: https://thehackernews.com/2023/09/mysterious-sandman-threat-actor-targets.html

🚨 Attention users! Apple issues patches for 3 new critical zero-day flaws impacting iOS, iPadOS, macOS, watchOS, and Safari. Stay safe with the latest updates for your devices.

Read details: https://thehackernews.com/2023/09/apple-rushes-to-patch-3-new-zero-day.html