Did you know the average company uses over 400 SaaS applications? Yet, 56% of IT pros aren’t aware of their data backup responsibilities.

Discover the hidden secrets in your backup data and how to keep them safe: https://thehackernews.com/2024/05/are-your-saas-backups-as-secure-as-your.html

🔐 Attention: CISA has added a critical security flaw (CVE-2020-17519) in Apache Flink to its Known Exploited Vulnerabilities catalog. Attackers are exploiting this flaw to gain unauthorized access to sensitive information.

Learn more: https://thehackernews.com/2024/05/cisa-warns-of-actively-exploited-apache.html

🚨 Ransomware attacks on VMware ESXi follow a similar pattern, exploiting misconfigurations and vulnerabilities.

Learn the key steps and how to protect your organization: https://thehackernews.com/2024/05/ransomware-attacks-exploit-vmware-esxi.html

🚨 ALERT: BLOODALCHEMY malware, an updated version of Deed RAT and successor to ShadowPad, targets government organizations in Southern and Southeastern Asia.

Learn more: https://thehackernews.com/2024/05/japanese-experts-warn-of-bloodalchemy.html

🚨 A shocking supply chain attack impacting courtroom video recording software. Malicious actors backdoored the installer for JAVS Viewer v8.3.7 to deliver RustDoor malware.

📰 Find out more: https://thehackernews.com/2024/05/courtroom-software-backdoored-to.html

🔥 Urgent: Google released security updates for Chrome to fix a new ZERO-DAY (CVE-2024-5274) under active exploitation in the wild.

Details - https://thehackernews.com/2024/05/google-detects-4th-chrome-zero-day-in.html

Users of Chromium-based browsers like Microsoft Edge, Brave, Opera, and Vivaldi should watch for patches.

🚨 Watch out! Fake antivirus sites mimicking Avast, Bitdefender, and Malwarebytes are spreading malware like SpyNote (Android), Lumma, and StealC (Windows) to steal your data.

Learn more: https://thehackernews.com/2024/05/fake-antivirus-websites-deliver-malware.html

🛡️ Attention CISOs: Colonial pipeline and SolarWinds attacks highlighted cloud security challenges in DevOps.

Learn to maintain cloud security in #DevOps. Ensure innovation without compromising security.

More insights: https://thehackernews.com/2024/05/devops-dilemma-how-can-cisos-regain.html

⚡ Wondering how cybercriminals outsmart even the best security systems?

Join this can't-miss expert WEBINAR to uncover their tactics.

Save your spot now: https://thehackernews.com/2024/05/how-do-hackers-blend-in-so-well-learn.html

🕵️‍♂️ Attackers can create rogue VMs within your VMware environment to evade detection!

MITRE analysis of a recent Chinese threat actor UNC5221 attack shows they used this tactic to maintain network access.

🔐 Read the full article: https://thehackernews.com/2024/05/hackers-created-rogue-vms-to-evade.html

Researchers found a vulnerability in AI-as-a-service provider "Replicate" that could allow unauthorized access to proprietary AI models and sensitive data.

Read: https://thehackernews.com/2024/05/experts-find-flaw-in-replicate-ai.html

The issue stemmed from the arbitrary code execution potential in AI model packaging.

Indian government, defense, and aerospace sectors targeted by Pakistan-nexus actor Transparent Tribe using cross-platform malware written in Python, Golang, and Rust.

Learn about the new set of attacks: https://thehackernews.com/2024/05/pakistan-linked-hackers-deploy-python.html

🚨 Experts have uncovered phishing campaigns using HTML smuggling, DNS tunneling, generative AI, PhaaS toolkits, malvertising, and Cloudflare Workers to serve malicious sites targeting Microsoft and Gmail credentials.

Find out more: https://thehackernews.com/2024/05/new-tricks-in-phishing-playbook.html

🚨 Cyber Alert: #Microsoft highlights Morocco-based Storm-0539, stealing up to $100,000/day in gift card fraud.

🔗 Discover the full story: https://thehackernews.com/2024/05/moroccan-cybercrime-group-steals-up-to.html

🚨 83% of organizations have fallen victim to phishing. It’s time to rethink our security strategies. Discover innovative solutions that inspect web sessions and neutralize threats in real-time.

Read the full report: https://thehackernews.com/2024/05/report-dark-side-of-phishing-protection.html

🚨 Critical Alert: TP-Link Archer C5400X 🎮 Gaming Router Vulnerability.

🚦 Severity: Maximum (CVSS 10.0)

🛡️ Impact: Remote code execution Patch available: Firmware version 1_1.1.7 Protect your network, update now!

Read more: https://thehackernews.com/2024/05/tp-link-gaming-router-vulnerability.html

Unknown threat actors are targeting WordPress sites with a new attack vector, using the Dessky Snippets plugin to insert malicious PHP code and harvest credit card data.

Read More 👉 https://thehackernews.com/2024/05/wordpress-plugin-exploited-to-steal.html

Dual Threat: CatDDoS & DNSBomb!

🐱 CatDDoS botnet exploits 80+ vulnerabilities, targeting 300+ devices daily for DDoS attacks.

💣 DNSBomb, a new attack technique, achieves a 20,000x amplification in PDoS attacks.

Read the full story: https://thehackernews.com/2024/05/researchers-warn-of-catddos-botnet-and.html

Special deals from the ANYRUN interactive malware sandbox 🎁

New and existing clients can receive:
✅ 6 months of free service
✅ Additional licenses for team members

Get it until May 31 ➡️ https://thn.news/anyrun-sandbox

🔒 With endless cyber threats, the 'spray 'n pray' approach is costing you big time. Discover the secret to prioritizing your resources and efforts on what truly matters.

Don’t miss out – read the full article now: https://thehackernews.com/2024/05/4-step-approach-to-mapping-and-securing.html