Google partners with GASA and DNS RF to launch the Global Signal Exchange (GSE), providing real-time insights into scam patterns to protect businesses from cybercrime.

Read: https://thehackernews.com/2024/10/google-joins-forces-with-gasa-and-dns.html

🚨 Warning: A critical #vulnerability (CVE-2024-9680) in Firefox is being actively exploited.

Don’t wait—ensure your browsers are updated now to protect against potential remote code execution.

Learn more: https://thehackernews.com/2024/10/mozilla-warns-of-active-exploitation-in.html

⚠️ Cyber Alerts:

—Fortinet CVE-2024-23113 actively exploited, patch by Oct 30!
—Palo Alto Expedition vulnerable to SQL & OS injection.
—Cisco patches critical bug in Nexus Dashboard Fabric Controller.

Read: https://thehackernews.com/2024/10/cisa-warns-of-critical-fortinet-flaw-as.html

Critical systems must be patched immediately.

🚨 New "Mongolian Skimmer" uses Unicode obfuscation to steal sensitive data from e-commerce sites!

It disables debugging tools & adapts to browsers, making it highly evasive.

Learn more: https://thehackernews.com/2024/10/cybercriminals-use-unicode-to-hide.html

🧐 SOC Analyst burnout is surging, with 80.8% expecting stress to worsen. AI-driven triage and response can ease the burden, allowing analysts to focus on higher-value tasks.

Discover how AI can lighten the load for your team: https://thehackernews.com/2024/10/6-simple-steps-to-eliminate-soc-analyst.html

A critical unpatched #vulnerability (CVE-2024-9441) in the Nice Linear eMerge E3 access controller has been uncovered, carrying a CVSS score of 9.8, with proof-of-concept exploits already circulating.

Learn more: https://thehackernews.com/2024/10/experts-warn-of-critical-unpatched.html

👩‍💻 OpenAI disrupts 20+ global deceptive operations exploiting AI models for advanced cyber activities like phishing, influence operations, and even election interference.

Learn more: https://thehackernews.com/2024/10/openai-blocks-20-global-malicious.html

The digital landscape is shifting fast—are you ready to keep up with the latest threats? 🌐⚡

Join us on October 17 as we break down the key findings from the 2024 Kaseya Cybersecurity Survey! Get insights into:

🚀 How AI is transforming cyberattacks
👥 The challenges of user behavior
🛡️ How network penetration testing secure your network
📈 What companies are doing to prepare for 2025

📅 Date: October 17
⏰ Time: 1 PM EST / 10 AM PST
🔗 Save Your Spot: https://thn.news/cyber-survey-2024

Don’t miss this session to stay one step ahead in cybersecurity!

🌍 Dutch police have dismantled Bohemia and Cannabia, the largest darkweb markets for illegal goods and cybercrime. Arrests in the Netherlands and Ireland, with €8M in seized cryptocurrency, prove dark web anonymity is fading.

Read: https://thehackernews.com/2024/10/bohemia-and-cannabia-dark-web-markets.html

🚩 A critical security flaw in GitLab (CVE-2024-9164) could allow attackers to run CI/CD pipelines on unauthorized branches.

Find details here: https://thehackernews.com/2024/10/new-critical-gitlab-vulnerability-could.html

Update your instance ASAP to avoid becoming the next victim.

💻🔒 Cybercriminals are leveling up! Phishing campaigns now exploit GitHub links, Telegram bots, and even QR codes to bypass security and deliver malware.

Read: https://thehackernews.com/2024/10/github-telegram-bots-and-qr-codes.html

🔥 FBI created its own cryptocurrency token, NexFundAI, to bust widespread market manipulation. Several market makers are charged with wash trading and a pump-and-dump scheme.

Read: https://thehackernews.com/2024/10/fbi-creates-fake-cryptocurrency-to.html

Iranian threat actor OilRig is exploiting a Windows Kernel #vulnerability (CVE-2024-30088) to gain SYSTEM privileges, enabling backdoor deployment and data theft.

Learn how to protect your systems now https://thehackernews.com/2024/10/oilrig-exploits-windows-kernel-flaw-in.html

Veeam Backup flaw targeted for ransomware attacks—CVE-2024-40711 exploited!

This flaw allows attackers to create local admin accounts, granting them full control to deploy ransomware like Akira and Fog.

Learn how to defend against active threats: https://thehackernews.com/2024/10/critical-veeam-vulnerability-exploited.html

🚨 Researchers warn of entry-point vulnerabilities in ecosystems like PyPI & npm, enabling software supply chain attacks.

Command-jacking lets attackers harvest sensitive data using counterfeit packages & system command hijacking.

Read: https://thehackernews.com/2024/10/supply-chain-attacks-exploit-entry.html

Nation-state attackers are exploiting Ivanti CSA vulnerabilities, including zero-days, to breach and patch networks, locking out competitors.

Is your CSA secure? Stay proactive—read the report and tighten your patching strategy.

Read: https://thehackernews.com/2024/10/nation-state-attackers-exploiting.html

🛑 Jetpack WordPress plugin flaw, active since 2016, allows unauthorized access to user-submitted forms. Over 27M sites are at risk—update now to protect your users' data.

Read: https://thehackernews.com/2024/10/wordpress-plugin-jetpack-patches-major.html

Last week’s top threats include zero-day exploits, North Korean hackers, AI tools going rogue, and more.

Learn about GoldenJackal's breach of air-gapped systems, and the FBI's crypto sting.

Read: https://thehackernews.com/2024/10/thn-cybersecurity-recap-top-threats.html

Don’t miss out—stay secure and ready for the next wave!

Cybersecurity researchers have uncovered a new malware campaign using Hijack Loader, signed with legitimate code-signing certificates, to bypass defenses and deploy information-stealing malware like Lumma.

Find details here: https://thehackernews.com/2024/10/researchers-uncover-hijack-loader.html

China accuses the U.S. of fabricating the Volt Typhoon threat actor and deploying false flags and backdoors to conceal its own cyberattacks.

Details here: https://thehackernews.com/2024/10/china-accuses-us-of-fabricating-volt.html