⚠️ An unknown threat actor is exploiting Microsoft Exchange Server flaws to deploy stealthy keylogger malware in targeted attacks aimed at government agencies, banks, and educational institutions.

Details here - https://thehackernews.com/2024/05/ms-exchange-server-flaws-exploited-to.html

🚨 New cryptojacking malware campaign HIDDEN SHOVEL uses GHOSTENGINE payload to exploit vulnerable drivers, disable EDRs, and install XMRig miner in a BYOVD attack.

Find details here: https://thehackernews.com/2024/05/ghostengine-exploits-vulnerable-drivers.html

🚨 CISA Urgent Advisory:

Rockwell Automation urges disconnecting all industrial control systems (ICS) not meant for the public internet to prevent cyber threats amid heightened geopolitical tensions.

Learn more: https://thehackernews.com/2024/05/rockwell-advises-disconnecting-internet.html

🌐 Researchers uncover a stealthy threat group, dubbed "Unfading Sea Haze," targeting high-level organizations in the South China Sea. Poor credential hygiene and outdated patches enable these attacks to succeed.

Read: https://thehackernews.com/2024/05/researchers-warn-of-chinese-aligned.html

The number of SaaS apps in enterprises is skyrocketing, creating complex security challenges.

Discover how SaaS Security Posture Management (SSPM) can help protect your organization against evolving threats.

Get 2025 Ultimate SaaS Security Checklist: https://thehackernews.com/2024/05/the-ultimate-saas-security-posture.html

Microsoft to deprecate VBScript in favor of JavaScript and PowerShell. The tech giant plans to phase out the scripting language starting in the second half of 2024.

Learn more: https://thehackernews.com/2024/05/the-end-of-era-microsoft-phases-out.html

🔥 Ivanti released patches for multiple critical security flaws (CVE-2024-29822 through CVE-2024-29827) in Endpoint Manager (EPM) — 6 of these are SQL injection vulnerabilities that allow RCE without authentication.

Learn more: https://thehackernews.com/2024/05/ivanti-patches-critical-remote-code.html

What are the 5️⃣ core components of any robust SaaS Security Posture Management (SSPM) solution?

Learn how to choose the right SSPM vendor for your organization and get a list of 25 questions to ask in your security assessment.

Download the guide: https://thn.news/sspm-guide-ln

🚨 Chinese APT group targets government entities in the Middle East, Africa, and Asia in a large-scale cyber espionage campaign dubbed Operation "Diplomatic Specter."

Learn more about the tactics and techniques used by the attackers: https://thehackernews.com/2024/05/inside-operation-diplomatic-specter.html

🌐 Sharp Dragon, a China-linked threat actor, extends its cyber espionage reach to Africa and the Caribbean, targeting governmental organizations.

Learn more about their tactics: https://thehackernews.com/2024/05/new-frontiers-old-tactics-chinese-cyber.html

Did you know the average company uses over 400 SaaS applications? Yet, 56% of IT pros aren’t aware of their data backup responsibilities.

Discover the hidden secrets in your backup data and how to keep them safe: https://thehackernews.com/2024/05/are-your-saas-backups-as-secure-as-your.html

🔐 Attention: CISA has added a critical security flaw (CVE-2020-17519) in Apache Flink to its Known Exploited Vulnerabilities catalog. Attackers are exploiting this flaw to gain unauthorized access to sensitive information.

Learn more: https://thehackernews.com/2024/05/cisa-warns-of-actively-exploited-apache.html

🚨 Ransomware attacks on VMware ESXi follow a similar pattern, exploiting misconfigurations and vulnerabilities.

Learn the key steps and how to protect your organization: https://thehackernews.com/2024/05/ransomware-attacks-exploit-vmware-esxi.html

🚨 ALERT: BLOODALCHEMY malware, an updated version of Deed RAT and successor to ShadowPad, targets government organizations in Southern and Southeastern Asia.

Learn more: https://thehackernews.com/2024/05/japanese-experts-warn-of-bloodalchemy.html

🚨 A shocking supply chain attack impacting courtroom video recording software. Malicious actors backdoored the installer for JAVS Viewer v8.3.7 to deliver RustDoor malware.

📰 Find out more: https://thehackernews.com/2024/05/courtroom-software-backdoored-to.html

🔥 Urgent: Google released security updates for Chrome to fix a new ZERO-DAY (CVE-2024-5274) under active exploitation in the wild.

Details - https://thehackernews.com/2024/05/google-detects-4th-chrome-zero-day-in.html

Users of Chromium-based browsers like Microsoft Edge, Brave, Opera, and Vivaldi should watch for patches.

🚨 Watch out! Fake antivirus sites mimicking Avast, Bitdefender, and Malwarebytes are spreading malware like SpyNote (Android), Lumma, and StealC (Windows) to steal your data.

Learn more: https://thehackernews.com/2024/05/fake-antivirus-websites-deliver-malware.html

🛡️ Attention CISOs: Colonial pipeline and SolarWinds attacks highlighted cloud security challenges in DevOps.

Learn to maintain cloud security in #DevOps. Ensure innovation without compromising security.

More insights: https://thehackernews.com/2024/05/devops-dilemma-how-can-cisos-regain.html

⚡ Wondering how cybercriminals outsmart even the best security systems?

Join this can't-miss expert WEBINAR to uncover their tactics.

Save your spot now: https://thehackernews.com/2024/05/how-do-hackers-blend-in-so-well-learn.html

🕵️‍♂️ Attackers can create rogue VMs within your VMware environment to evade detection!

MITRE analysis of a recent Chinese threat actor UNC5221 attack shows they used this tactic to maintain network access.

🔐 Read the full article: https://thehackernews.com/2024/05/hackers-created-rogue-vms-to-evade.html