Iranian threat actor OilRig is exploiting a Windows Kernel #vulnerability (CVE-2024-30088) to gain SYSTEM privileges, enabling backdoor deployment and data theft.

Learn how to protect your systems now https://thehackernews.com/2024/10/oilrig-exploits-windows-kernel-flaw-in.html

Veeam Backup flaw targeted for ransomware attacks—CVE-2024-40711 exploited!

This flaw allows attackers to create local admin accounts, granting them full control to deploy ransomware like Akira and Fog.

Learn how to defend against active threats: https://thehackernews.com/2024/10/critical-veeam-vulnerability-exploited.html

🚨 Researchers warn of entry-point vulnerabilities in ecosystems like PyPI & npm, enabling software supply chain attacks.

Command-jacking lets attackers harvest sensitive data using counterfeit packages & system command hijacking.

Read: https://thehackernews.com/2024/10/supply-chain-attacks-exploit-entry.html

Nation-state attackers are exploiting Ivanti CSA vulnerabilities, including zero-days, to breach and patch networks, locking out competitors.

Is your CSA secure? Stay proactive—read the report and tighten your patching strategy.

Read: https://thehackernews.com/2024/10/nation-state-attackers-exploiting.html

🛑 Jetpack WordPress plugin flaw, active since 2016, allows unauthorized access to user-submitted forms. Over 27M sites are at risk—update now to protect your users' data.

Read: https://thehackernews.com/2024/10/wordpress-plugin-jetpack-patches-major.html

Last week’s top threats include zero-day exploits, North Korean hackers, AI tools going rogue, and more.

Learn about GoldenJackal's breach of air-gapped systems, and the FBI's crypto sting.

Read: https://thehackernews.com/2024/10/thn-cybersecurity-recap-top-threats.html

Don’t miss out—stay secure and ready for the next wave!

Cybersecurity researchers have uncovered a new malware campaign using Hijack Loader, signed with legitimate code-signing certificates, to bypass defenses and deploy information-stealing malware like Lumma.

Find details here: https://thehackernews.com/2024/10/researchers-uncover-hijack-loader.html

China accuses the U.S. of fabricating the Volt Typhoon threat actor and deploying false flags and backdoors to conceal its own cyberattacks.

Details here: https://thehackernews.com/2024/10/china-accuses-us-of-fabricating-volt.html

Mismanaged vulnerabilities in cloud environments are delaying incident responses and putting businesses at greater risk.

Discover how unified detection can close cloud security gaps and stop stealthy attacks before they unfold.

Read: https://thehackernews.com/2024/10/5-steps-to-boost-detection-and-response.html

🔥 Industry-first report covering real-world attacks on GenAI, analyzing 2,000+ LLM apps. Including jailbreak methods, adversaries' objectives, and technical insights.

Download the Pillar Security's full report here: https://thn.news/genai-attacks

North Korean hackers are now using a Linux variant of the notorious FASTCash malware to target ATMs by compromising payment switches in ATM cashout schemes.

Learn more: https://thehackernews.com/2024/10/new-linux-variant-of-fastcash-malware.html

DarkVision RAT returns in a new campaign via PureCrypter, enabling attackers to steal passwords, record screens, and gain full remote access for just $60—making sophisticated breaches accessible even to non-technical cybercriminals.

Read: https://thehackernews.com/2024/10/new-malware-campaign-uses-purecrypter.html

TrickMo Android trojan has upgraded—now stealing unlock patterns and PINs by mimicking the lock screen!

With thousands of stolen credentials already exposed, it’s targeting banking data, corporate VPNs, social media, and healthcare apps.

https://thehackernews.com/2024/10/trickmo-banking-trojan-can-now-capture.html

💥 A critical flaw in SolarWinds Web Help Desk (CVE-2024-28987) has been actively exploited, and it involves hard-coded credentials that allow attackers to access sensitive help desk tickets.

Learn more: https://thehackernews.com/2024/10/cisa-warns-of-active-exploitation-in.html

🛡️ GitHub has released urgent security updates to fix a critical flaw (CVE-2024-9487) with a CVSS score of 9.5!

This bug allows unauthorized access by bypassing SAML SSO authentication—an immediate threat to your enterprise.

Details: https://thehackernews.com/2024/10/github-patches-critical-flaw-in.html

🛑 A new spear-phishing campaign in Brazil is using a clever trick to bypass security guardrails and deliver the dangerous Astaroth #malware.

Learn how to protect your organization from this growing threat: https://thehackernews.com/2024/10/astaroth-banking-malware-resurfaces-in.html

Zero-day vulnerabilities are on the rise, leaving businesses exposed.

NDR solutions with machine learning can detect network anomalies before attacks happen. Learn how AI-driven NDR is key to defending against these evolving threats.

https://thehackernews.com/2024/10/rise-of-zero-day-vulnerabilities.html

🔥 One click, and chaos begins!

North Korean APT group ScarCruft has been linked to the exploitation of a zero-day Windows flaw (CVE-2024-38178), targeting unpatched Internet Explorer Mode in Edge, infecting devices with RokRAT malware.

Read: https://thehackernews.com/2024/10/north-korean-scarcruft-exploits-windows.html

🛡️ Malware like AgentTesla is making headlines for its stealthy data theft tactics.

With tools like ANYRUN's Threat Intelligence Lookup, offering searches across 40+ indicators and live sandbox analysis, threat detection has never been more powerful.

Read: https://thehackernews.com/2024/10/5-techniques-for-collecting-cyber.html

🔒 FIDO Alliance has proposed a new protocol to securely transfer passkeys 🔑 across different platforms.

Backed by Apple, Google, Microsoft, and Amazon, this signals a major shift in the future of authentication.

Read: https://thehackernews.com/2024/10/fido-alliance-drafts-new-protocol-to.html