🔥 Urgent: Google released security updates for Chrome to fix a new ZERO-DAY (CVE-2024-5274) under active exploitation in the wild.

Details - https://thehackernews.com/2024/05/google-detects-4th-chrome-zero-day-in.html

Users of Chromium-based browsers like Microsoft Edge, Brave, Opera, and Vivaldi should watch for patches.

🚨 Watch out! Fake antivirus sites mimicking Avast, Bitdefender, and Malwarebytes are spreading malware like SpyNote (Android), Lumma, and StealC (Windows) to steal your data.

Learn more: https://thehackernews.com/2024/05/fake-antivirus-websites-deliver-malware.html

🛡️ Attention CISOs: Colonial pipeline and SolarWinds attacks highlighted cloud security challenges in DevOps.

Learn to maintain cloud security in #DevOps. Ensure innovation without compromising security.

More insights: https://thehackernews.com/2024/05/devops-dilemma-how-can-cisos-regain.html

⚡ Wondering how cybercriminals outsmart even the best security systems?

Join this can't-miss expert WEBINAR to uncover their tactics.

Save your spot now: https://thehackernews.com/2024/05/how-do-hackers-blend-in-so-well-learn.html

🕵️‍♂️ Attackers can create rogue VMs within your VMware environment to evade detection!

MITRE analysis of a recent Chinese threat actor UNC5221 attack shows they used this tactic to maintain network access.

🔐 Read the full article: https://thehackernews.com/2024/05/hackers-created-rogue-vms-to-evade.html

Researchers found a vulnerability in AI-as-a-service provider "Replicate" that could allow unauthorized access to proprietary AI models and sensitive data.

Read: https://thehackernews.com/2024/05/experts-find-flaw-in-replicate-ai.html

The issue stemmed from the arbitrary code execution potential in AI model packaging.

Indian government, defense, and aerospace sectors targeted by Pakistan-nexus actor Transparent Tribe using cross-platform malware written in Python, Golang, and Rust.

Learn about the new set of attacks: https://thehackernews.com/2024/05/pakistan-linked-hackers-deploy-python.html

🚨 Experts have uncovered phishing campaigns using HTML smuggling, DNS tunneling, generative AI, PhaaS toolkits, malvertising, and Cloudflare Workers to serve malicious sites targeting Microsoft and Gmail credentials.

Find out more: https://thehackernews.com/2024/05/new-tricks-in-phishing-playbook.html

🚨 Cyber Alert: #Microsoft highlights Morocco-based Storm-0539, stealing up to $100,000/day in gift card fraud.

🔗 Discover the full story: https://thehackernews.com/2024/05/moroccan-cybercrime-group-steals-up-to.html

🚨 83% of organizations have fallen victim to phishing. It’s time to rethink our security strategies. Discover innovative solutions that inspect web sessions and neutralize threats in real-time.

Read the full report: https://thehackernews.com/2024/05/report-dark-side-of-phishing-protection.html

🚨 Critical Alert: TP-Link Archer C5400X 🎮 Gaming Router Vulnerability.

🚦 Severity: Maximum (CVSS 10.0)

🛡️ Impact: Remote code execution Patch available: Firmware version 1_1.1.7 Protect your network, update now!

Read more: https://thehackernews.com/2024/05/tp-link-gaming-router-vulnerability.html

Unknown threat actors are targeting WordPress sites with a new attack vector, using the Dessky Snippets plugin to insert malicious PHP code and harvest credit card data.

Read More 👉 https://thehackernews.com/2024/05/wordpress-plugin-exploited-to-steal.html

Dual Threat: CatDDoS & DNSBomb!

🐱 CatDDoS botnet exploits 80+ vulnerabilities, targeting 300+ devices daily for DDoS attacks.

💣 DNSBomb, a new attack technique, achieves a 20,000x amplification in PDoS attacks.

Read the full story: https://thehackernews.com/2024/05/researchers-warn-of-catddos-botnet-and.html

Special deals from the ANYRUN interactive malware sandbox 🎁

New and existing clients can receive:
✅ 6 months of free service
✅ Additional licenses for team members

Get it until May 31 ➡️ https://thn.news/anyrun-sandbox

🔒 With endless cyber threats, the 'spray 'n pray' approach is costing you big time. Discover the secret to prioritizing your resources and efforts on what truly matters.

Don’t miss out – read the full article now: https://thehackernews.com/2024/05/4-step-approach-to-mapping-and-securing.html

💸 Indian national pleads guilty to stealing over $37M through fake Coinbase website.

In separate cases, a Ukrainian arrested for aiding North Korean IT workers; Vietnamese charged for helping Chinese remote IT workers commit wire fraud.

Read: https://thehackernews.com/2024/05/indian-national-pleads-guilty-to-37.html

🚨 BreachForums domain is back online just 2 weeks after a law enforcement takedown!

Trap or blunder?

Learn more: https://thehackernews.com/2024/05/breachforums-returns-just-weeks-after.html

It's now selling: 1.3 TB database with 560M Ticketmaster customers' data for $500K!

Microsoft uncovers Moonstone Sleet, a new North Korean hacker group targeting various sectors with ransomware and custom malware, using fake companies and tools to infiltrate targets.

Details here: https://thehackernews.com/2024/05/microsoft-uncovers-moonstone-sleet-new.html

💻 Malachi Mullings, a 31-year-old from Georgia, has been sentenced to 10 years for laundering $4.5 million through BEC and 💔 romance scams.

Learn how they pulled off the scam: https://thehackernews.com/2024/05/us-sentences-31-year-old-to-10-years.html

🎉 Introducing GRC Mastery — Cyber Security GRC Training for beginners.

📽️ Video modules, assessments, quizzes.
🏆 Master risk management, audit, compliance, asset management.
🔭 Capstone Project: NIST assessment.
🎓 Earn a certificate.

Check it out: https://grcmastery.com