TheMoon Malware Rapidly Infects 6,000 ASUS Routers in 72 Hours for Proxy Service*Code Execution Vulnerabilities Discovered in NVIDIA ChatRTX for Windows*Chinese APT Groups Targeting ASEAN Entities Uncovered*Guardio Labs Discovers Vulnerability in Microsoft Edge*Hackers Target India's Defense and Energy Sectors with Malware Disguised as Air Force Invitations*Dubious NuGet Package Raises Concerns of Chinese Industrial Espionage*Chinese Cybersecurity Firm Linked to Communist Party Government Targets Australia*Portugal Mandates Halt to Biometric Data Collection by Sam Altman's Worldcoin*State Department Issues Alert on Fraudulent Scheme Targeting Payroll Systems*UK Street Newspaper, Big Issue, Targeted by Ransomware Gang*Japan Conducts First Cyber Defense Exercises with Pacific Island Nations*Finland Confirms APT31 Hackers Responsible for 2021 Parliament Breach*AMD Zen CPUs Vulnerable to New ZenHammer Memory Attack*Giant Tiger Reports Customer Data Breach Linked to Third-Party Vendor*Free VPN Apps on Google Play Convert Android Devices into Proxies*Sophisticated Attack Campaign Targets GitHub with Malicious Packages Impacting Top.gg and Others*New Zealand Reveals State-Sponsored Cyberattacks from China*Critical 17,000 Vulnerabilities Found in German Microsoft Exchange Servers*Raspberry Pi Transformed into Cybercriminals' Plug-and-Play Fraud Tools*Lumen Technologies Uncovers 40,000-Strong Botnet Utilizing End-of-Life Devices*Panera Bread Hit by Nationwide IT Outage Since Saturday*Mitigating Shadow AI Risks in Organizational Settings*Petersen Health Care Declares Bankruptcy Following Cyberattack and Loan Defaults*Hacking Group R00Tk1t Targets Indian Political Party, Raises Concerns Ahead of Elections*UK's Communications Workers Union Faces Cyberattack*Google's AI-Driven Search Feature Accused of Promoting Scam Sites*StrelaStealer Malware Targets Organizations in US and EU Through Large-Scale Phishing Campaigns*Russian State-Backed Hackers Target Ukrainian Internet Providers in Sophisticated Cyberattacks*SCAA Faces Cyberattack: Data of 70,000 Members Possibly Compromised*Mozilla patches Firefox zero-days worth $100,000 after a two-day hackathon*German Authorities Dismantle Major Online Marketplace for Drugs and Cybercrime*Illinois County Government and Local College Hit by Ransomware Attacks*FlowFixation Vulnerability in AWS Managed Workflows for Apache Airflow*GoFetch Side-Channel Attack Targets Apple M1, M2, and M3 Processors*Ivanti Fixes Critical Vulnerabilities in Standalone Sentry, Neurons for ITSM*Tax Phishing Attack Targets Small Business Owners for Social Security Numbers*Security Researchers Uncover Critical Flaw in Hotel Door Systems*Foxit Reader Vulnerability Exploit Sparks Urgent Patch Release*GitHub Unveils AI-Powered Tool for Automatic Code Vulnerability Fixes*Pwn2Own Vancouver: Successful Hacks on Windows 11, Tesla, and Ubuntu Linux*Microsoft Releases Patch for Xbox Vulnerability After Initial Dismissal*Chinese Hacker Exploiting Vulnerabilities Targets Global Institutions*Malware-as-a-Service Campaign Targets Android Users in India*Hackers Target Belgian Grand Prix Fans with Phishing Scam*Critical Vulnerabilities Found in Argo GitOps Tool for Kubernetes*Atlassian Fixes Critical Vulnerability in Bamboo Data Center and Server*Windows Server Updates Trigger LSASS Memory Leak, Prompting Crashes*Critical Vulnerabilities Addressed in Chrome 123 and Firefox 124 Updates*US Department of Defense Celebrates Milestone in Ethical Hacking Program*Exploitation of TeamCity Vulnerability Linked to Jasmin Ransomware and Other Malware*New Loop DoS Attack Threatens Hundreds of Thousands of UDP-Based Hosts*TMChecker: New Dark Web Toolset Targets Remote Access Services and E-Commerce Platforms*Impact of Cyberattack on UnitedHealth Group's Change Healthcare Unit Sparks Legal Action*Phishing Campaign Unveils Ingenious Microsoft Office Tactic to Distribute NetSupport RAT*APIs Drive the Majority of Internet Traffic and Cybercriminals Exploit Them*Pensacola City Government Phone Lines Disabled by Cyberattack*Security Researchers Uncover Massive Data Leak from Misconfigured Google Firebase Instances*AcidPour, A New Data-Wiping Malware Targeting Linux IoT Devices*Expansion of International Spyware Agreement Includes Six New Countries*Nations Direct Mortgage Data Breach Exposes 83,000 Individuals' Information*Phishing Evolution: Hackers Target Popular Document Publishing Sites*Relentless Cyber Activity Targeting Global Critical Infrastructure*MediaWorks Investigates Alleged Data Breach Impacting 2.4 Million Individuals*Machine Learning Model Repositories Vulnerable to Supply Chain Attacks*Apex Legends Esports Tournament Temporarily Halted Due to Cheating Incident*Key MITRE ATT&CK Techniques Exploited by Cyber Attackers*Fujitsu Discovers Malware Breach, Customer Data Compromised*Unveiling an Evasive Azorult Campaign Leveraging HTML Smuggling via Google Sites*Fortra Fixes Critical Remote Code Execution (RCE) Vulnerability in FileCatalyst Transfer Tool*Unveiling the Earth Krahang APT Campaign: Targeting Government Entities Worldwide*Gitgub Malware Campaign Targets GitHub Users with RisePro Info-Stealer*Ransomware Threat Targets South African Pension Data*Unveiling a Novel Acoustic Side-Channel Attack on Keyboards*GhostRace: New Data Leakage Attack Exploits Speculative Execution*AT&T Denies Origin of Leaked Data Impacting 70 Million Individuals*ShadowSyndicate Hackers Exploits CVE-2024-23334 in Aiohttp Python Library*Scranton School District Faces Ransomware Attack, Disrupting Operations*Encina Wastewater Authority Targeted by BlackByte Ransomware Group*WordPress Sites Vulnerable to Takeover Due to Discontinued Security Plugins*McDonald’s Experiences Global IT Failure Impacting Stores*Cisco Fixes High-Severity IOS XR Vulnerabilities*Oversubscribed and Outdated Supercomputers Cause Delays in NASA Missions*Threat Actors Exploit Document Publishing Sites for Persistent Credential and Session Token Theft*Irish Government Website Bug Exposing COVID-19 Vaccination Records Takes 2 Years to Publicly Disclose*StopCrypt Ransomware: Evading Detection as the Most Widely Distributed Threat*Real-Time URL Protection Integrated into Chrome's Standard Safe Browsing*Researchers Outline Vulnerability in Kubernetes Allowing Takeover of Windows Nodes*Alabama is Experiencing a DDoS Cyberattack with Alleged Support from Russian Hacktivists*Phone Number Hijacking: SIM Swappers Targeting eSIMs*Google's Gemini AI Vulnerable to LLM Threats, Researchers Warn*Billion-Dollar Boat Seller MarineMax Discloses Cyberattack to SEC*Vcurms Malware Sets Sights on Popular Web Browsers for Data Theft*Cloud-Based Assault Targets Meson Crypto CDN Prior to Launch*Chipmaker Patch Tuesday: Intel and AMD Tackle Fresh Microarchitectural Vulnerabilities*Data Breach Exposes Over 2.3 Million Records from Family Entertainment Business*Securing Third-Party App Usage in Mid-Market Companies Scaling from 500 to 5000 Employees*Server Leak Exposes Wealth of Customer Data from Leading EV Charging Firm*Exposed: Vulnerabilities in ChatGPT Plugins Compromise Data and Accounts*Roku Refunds 15,000 Breached Accounts for Unauthorized Subscriptions*Okta Denies Involvement in Data Leak on Hacking Forum*Data of 27,000 Individuals Compromised in September Ransomware Attack on Stanford*Microsoft Patch Tuesday Security Advisory - March 2024*Adobe Patches Critical Vulnerabilities in its Enterprise Products*Siemens Ruggedcom Devices Vulnerable to Nozomi Component Flaws in ICS Patch Tuesday*SAP Addresses Critical Command Injection Vulnerabilities with Patches*Acer Confirms Leak of Philippine Employee Data on Hacking Forum*EquiLend Alerts Employees of Data Theft by Ransomware Group*Belgian Village Hit by Cyberattack on Brewery Now Faces Second Incident Targeting Coffee Roastery*Copyright Lawsuit Targets Nvidia's NeMo AI Framework*Personal Information Leaked in Jersey Data Breach*The Global Rise of Sophisticated Vishing Campaigns*Microsoft SCCM Misconfigurations Unveiled by Researchers as Cyberattack Vectors*QNAP NAS Devices Vulnerable Due to Critical Security Flaw*French Government Facing Unusually Intense Cyberattacks*Leicester City Council Grapples with Extended IT Outage After Cyber Attack*Russian Gov Hackers Steal Microsoft Source Code via Email Surveillance*Paysign Investigates Potential Data Breach Amid Reports of Stolen Consumer Information*Australian graphics company Canva says font security remains a significant issue*Exploitation of WordPress Plugin Vulnerability Leads to Malware Infection on 3,300 Sites*QEMU Exploitation: A Novel Tunneling Technique Threatens Company Networks*In-Memory Web Shell Exploits Target Atlassian Confluence Vulnerability*CISA Alerts of Exploited Pixel Phone Vulnerability*Unpatched Sceiner Smart Lock Flaws Enable Unauthorized Door Access*Evolution of Threats: Transition from Web3 Drainer to Distributed WordPress Brute Force Attack*NTLM Authentication Vulnerability Exploited by TA577 Cyber Threat Actor*Chinese Government Hacking Group Targets Tibetans in Cyber Espionage Campaign*Swiss Government Documents and Credentials Leaked in Ransomware Attack*Technology Disruption Under Investigation at South St. Paul Public Schools*Snake Python-Based Information Stealer Targets Facebook Users in Cyberattacks*Cisco Addresses High-Severity Vulnerabilities in Secure Client VPN Application*Georgia Tech Redefines Industrial Cybersecurity Threats with Web-Based PLC Malware*PetSmart Issues Password Resets Amid Credential Stuffing Attack*Japanese Ministry Attributes Line Data Breach to Shared Technology with Naver*Google's March 2024 Android Security Update Addresses Critical Vulnerabilities*Beware of Fake Online Meeting Platforms Spreading Malicious RATs*HHS Support Measures for Healthcare Providers Amid Change Healthcare Ransomware Attack*Malicious Campaign Exploits Misconfigured Cloud Servers in Linux*Organizations are deliberately launching applications with known vulnerabilities*Canadian Financial Intelligence Agency Shuts Down Systems Amid Cyberattack*North Korean Threat Actors Exploit ConnectWise Vulnerabilities to Deploy TODDLERSHARK Malware*Cybercriminals Unleash Upgraded GhostLocker 2.0 Ransomware in Global Attack Campaign*North Korean Hackers Breach South Korean Semiconductor Companies*Apple Issues Urgent Software Update to Address Critical Security Flaws in iOS Platform*Meta-Owned Facebook and Instagram Experience Global Outage, Prompting Swift Response*Cybercriminals Utilize New DNS Hijacking for Investment Scams*WogRAT Malware Exploits Online Notepad Platform in Stealthy Attacks*FortiGuard Labs Discovers CHAVECLOAK Trojan Targeting Brazilian Banking Users*Data Breach at Mr. Green Gaming Exposes Personal Information of 27,000 Users*VMware Issues Urgent Patches for Critical ESXi Sandbox Escape Vulnerabilities*Cybercriminals Embrace AI: Shaping a New Era of Malware Development*Emerging Threat: Morris II Worm Exploits Generative AI for Malicious Propagation*Expansion of Predator Spyware: New Network Infrastructure in Botswana and the Philippines*RA World Ransomware: A Multistage Threat Employing Anti-AV Tactics and GPO Exploitation*Critical Vulnerabilities in JetBrains TeamCity On-Premises Potentially Allowing Server Takeovers*Sophisticated Phishing Attacks Target FCC Employees and Cryptocurrency Platforms*American Express Notifies Customers of Third-Party Service Provider Data Breach*Critical Vulnerabilities Patched in Hikvision's HikCentral Professional Security Management System*Exploitation of Major Brand Subdomains in Large-Scale Spam Campaign*Major Security Flaws Found in Doorbell Cameras Sold Online, Including Amazon*FBI and CISA Release Indicators of Compromise for Phobos Ransomware*Unit 42 Discovers New Linux Variant of Bifrost RAT with Innovative Evasion Tactics*U.S. Court Mandates NSO Group's Disclosure of Pegasus Spyware Code to WhatsApp*Golden Corral Data Breach Exposes Personal Information of 183,000 Individuals*CISA Alerts to Exploitation of Windows Streaming Service Vulnerability*Taiwan's Chunghwa Telecom Hit by Data Breach: 'Sensitive' Information Stolen by Hackers*Meta Fixes Facebook Account Takeover Vulnerability*North Korean Hackers Exploit Windows Zero-Day in Rootkit Attack*SPIKEDWINE Exploits European Diplomats Through WINELOADER Attack*BEAST AI: Disrupting Large Language Models in Just One Minute of GPU Time*Enterprises Struggle with Mobile Fraud Amid Surge in AI-Powered Attacks*Internet and Telecom Services Disrupted in Chad Amid Deadly Political Clashes*New Linux Malware GTPDOOR Exploits GPRS Tunnelling Protocol for Telecom Network Attacks*Cisco Fixes High-Severity Vulnerabilities in Data Center OS*Irish Foreign Affairs Ministry Finds 'No Evidence' of Cyber Breach After Extortion Claim*Pharmaceutical Distributor Cencora Discloses Data Exfiltration in Cybersecurity Incident*Savvy Seahorse Unveils Innovative DNS CNAME Technique*Travel Industry Faces Threat of Agent Tesla Malware Attacks Targeting Online Travelers*New Malware Campaign "TimbreStealer" Targeting Mexican Users Discovered by Cisco Talos*Bazaarvoice Targeted in Cyberattack by Mogilevich Ransomware Group*Malicious JavaScript in Tornado Cash DAO Compromises Transaction Privacy*medQ Acknowledges Data Breach Due to Software Encryption Incident*Anycubic 3D Printers Hacked, Users Warned of Vulnerability*Pepco Group's Hungarian Business Targeted in Phishing Attack, Suffers €15 Million Losses*Newly Discovered Xeno RAT Trojan Poses Significant Threat on GitHub*Web Check: Free Open-Source Intelligence Tool for Website Analysis*LoanDepot Confirms Data Breach: Almost 17 Million Customers Affected by Ransomware Attack*Hackers Exploit 14-Year-Old CMS Editor on Government and Education Sites for SEO Poisoning*Critical SQL Injection Vulnerability in WordPress Plugin Puts Over 200K Websites at Risk*Hugging Face Vulnerability Opens Door to Supply Chain Attacks on AI Models*New IDAT Loader Version Utilizes Steganography to Distribute Remcos RAT*Russian Cyberspies Exploit Dormant Accounts to Target Cloud Infrastructure*North Korean Hackers Distribute Malicious npm Packages Targeting Developers*Hackers Swipe Nearly $10 Million from Axie Infinity Co-Founder's Personal Accounts*Critical Security Vulnerability Discovered in Popular 'Ultimate Member' WordPress Plugin*Malawi Immigration Department Suspends Passport Services Due to Cyberattack*ThyssenKrupp Automotive Body Solutions Business Unit Falls Victim to Cyber Attack*Zyxel Addresses Remote Code Execution Vulnerability in Firewall Products with Patches*Hackers Expose 2.5M Private Plane Owners' Data in LA International Airport Breach*Major Brands' Subdomains Hijacked in Massive Spam Campaign*Biden's Executive Order Aims to Strengthen Cybersecurity Measures at Ports*Finance Department Expresses Regret Over Second Unintentional Data Leak in Four Months*High-severity Vulnerability in Apple Shortcuts App Exposes Sensitive Data*RCMP Probes Cybersecurity Incident During Ongoing Website Disruption*Quik Pawn Shop Targeted in Alleged Cyberattack by Akira Ransomware Group*UnitedHealth Confirms Optum Cyberattack, Leading to US Healthcare Billing Outage*Rising Threat: Web3 Malware Exploits Cryptocurrency Assets*SSH-Snake: Emerging Self-Modifying Worm Poses Threat to Networks*FTC Alleges Avast Sold Customer Browsing Data to Advertisers Without Consent*Singapore Sees Surge in Scams and Cybercrime Despite Anti-Scam Measures*Authentication Bypass Vulnerabilities Discovered in Wi-Fi Software for Android, Linux, and ChromeOS*Arizona Firm's Data Breach Affects 2.4 Million Patients*Ubuntu Addresses Multiple FreeImage Vulnerabilities*Tangerine Telecom Breach Impacts 232,000 Customers*Signal Beta Introduces Custom Usernames for Enhanced Privacy*Researchers Warn of Surging Banking Malware Campaign Exploiting Google Cloud Run*Researchers Unveil 'VoltSchemer' Attacks Exploiting Wireless Charger Vulnerabilities*Ransomware Attack Hits DC-Area School System, Affecting Data of 100,000 Individuals*Malicious PyPI Packages Exploit DLL Side-Loading for Supply Chain Attacks*Internal Documents from Chinese Hacking Contractor iSoon Exposed in Leak*DDoS Attack Disrupts Top UK Universities' Services*PSI Software, a Critical Infrastructure Vendor, Targeted by Ransomware Attack*VietCredCare, A New Malware Threat Targeting Facebook Advertisers in Vietnam*Chrome 122 and Firefox 123 Address High-Severity Vulnerabilities with Security Patches*Global Law Enforcement Targets LockBit Ransomware Syndicate*Linux Malware Campaign 'Migo' Targets Redis for Cryptomining*Hacker group Cactus Ransomware Confirms Schneider Electric Hack*North Korea Expands Revenue with Malware-Infused Gambling Websites as-a-Service*Malware Attacks Increases as MacOS Adoption Rises: New Threats Target Apple Users*M.O.R.E' Ransomware Surfaces on Dark Web, Posing Threat to Users Across Windows, Mac, and Linux Platforms*Wyze Camera Breach Exposed 13,000 Strangers to View Inside Homes*Critical Vulnerabilities Identified in ConnectWise ScreenConnect*KeyTrap Vulnerability: Disrupting Internet Access with a Single DNS Packet*Researchers Warn Smart Lawn Mowers could be a Target for Cyberattacks*Revealing the Enigmatic 'MMS Fingerprint' Hack by NSO Group in Mobile and Wireless Networks*Security Breach at Jaypee University in India: Allegations of Compromised Institute and Disclosure of Sensitive Data*Anatsa Android Malware Infects Over 150,000 Devices Through Google Play Downloads*Escalating DDoS Attacks Pose Threat to Media Freedom in Europe*New Espionage Campaign Targets European and Iranian Embassies by Russia-Aligned Hackers*New MonikerLink Flaw Puts Outlook Users at Risk of Data Theft and Malware Exposure*Hackers Allegedly Breach Staffing Giant Robert Half, Offer Sensitive Data for Sale*Critical Security Flaw in GL-AX1800 Router Allows Remote Code Execution by Attackers*Hacker Caught Selling Bank Accounts of US and Canadian Users*Cybersecurity Crisis Unfolds in India's Financial Sector as Motilal Oswal Breached*Mastermind Behind FBI's Most-Wanted Zeus and IcedID Malware Cases Admits Guilt*Eight Critical Vulnerabilities Revealed in the AI Development Supply Chain*Cryptocurrency Firms Targeted by RustDoor macOS Backdoor Disguised as Job Offers*Exploiting AWS for Mass Smishing: Unveiling the Malicious 'SNS Sender' Script*U.S. Authorities Disrupt Russia-Linked Botnet Involved in Cyber Espionage Activities*Unauthorized Access to U.S. State Government Network Exploiting Former Employee's Account*ALPHV Ransomware Announces Successful Attacks on loanDepot and Prudential Financial*CISA Urges Immediate Patching of Cisco ASA Flaw Exploited in Ransomware Attacks*Critical RCE Vulnerabilities Patched by SolarWinds in Access Rights Manager*CUSG CMS Vulnerabilities Exposed Credit Unions to Attacks*TicTacToe Dropper Unleashes Data Theft and Multi-Threat Spread on Windows Systems*New 'Gold Pickaxe' Malware on Android and iOS: Targeting Users through Facial Data Theft for Fraudulent Activities*U.S. Internet Exposes Extended History of Internal and Customer Emails*Chinese Hackers Utilize Deepfakes in Mobile Banking Malware*RansomHouse Gang Launches MrAgent Tool for Automated VMware ESXi Attacks*Uncovering Three Key Application Security Flaws Beyond Automated Scanner Detection*South Korea Accuses North Korean Hackers of Breaching Presidential Office Email Account*JabberZeus Leader Pleads Guilty to Zeus and IcedID Malware Operations*Russian Threat Actor Turla Targets Polish NGOs with Newly Deployed TinyTurla-NG Backdoor*ESET Fixes High-Severity Privilege Escalation Vulnerability*Microsoft Acknowledges Exploitation of Critical Zero Day Vulnerability in Exchange Server*Qakbot Malware Signals Potential Resurgence Post Law Enforcement Takedown*Atlassian Vulnerability Identified as Cause of GAO Breach*Microsoft and OpenAI Issue Alert Regarding Nation-State Hackers Utilizing AI for Cyber Attacks*DNSSEC Vulnerability Single Malicious Packet Can Disable DNS Servers*The Ubuntu Command not found Tool may cause Users to Install Rogue Packages*Trans Northern Pipelines Investigates Cyber Breach by ALPHV or BlackCat Ransomware Gang*Varta AG Halts Production Following Cyberattack on IT Systems*Researchers Reveal KeyTrap DNS Vulnerability with Potential to Disable Large Parts of Internet*Zoom Fixes Critical Vulnerability in Windows Applications*Resurgence of Bumblebee Malware Attacks Following 4-Month Hiatus*Data Breach at Integris Health Affects 2.4 Million Patients*Cybercriminals Enhance Glupteba Botnet's Evasion Methods with Undocumented UEFI Bootkit*Microsoft Patch Tuesday Security Advisory - February 2024*PikaBot Emerges with Enhanced Code Efficiency and Sneaky Strategies*Jet Engine Dealer Reports Unauthorized Activity Amid Cybersecurity Incident*Prudential Financial Reports Network Breach, Employee Data Compromised*CISA Adds Roundcube Email Software Flaw to Known Exploited Vulnerabilities Catalog*Microsoft Addresses Zero-Day Exploited in DarkMe RAT Distribution Campaign*Cyber Fraud Epidemic: Telangana Loses 150 Crore in Just Over a Month*Cybercriminals Exploit Three Familiar Vulnerabilities in Microsoft Word and Excel*Ransomware Attack Shuts Down 21 Romanian Hospitals*FCC Implements Stricter Data Breach Reporting Rules for Telecoms*Bank of America Alerts Customers About Data Breach Following Vendor Cyberattack*Microsoft Introduces Sudo for Windows 11 to Streamline Command Execution*Senior Executives Targeted in Ongoing Azure Cloud Account Takeover Campaign*Free Decryption Tool Released After Rhysida Ransomware Successfully Cracked*Security Flaw in Smart Helmets Puts Millions in Danger of Hacking and Surveillance*Largest Casino's Mobile App Exposes Customer Personal Information*U.S. Justice Department Dismantles Warzone RAT Infrastructure and Apprehends Key Operators*UK Shifts from Physical Biometric Immigration Cards to E-Visas*Microsoft Outlook Clients Encounter Exchange ActiveSync Syncing Issues*Canada Moves to Ban Flipper Zero and Similar Devices Amid Car Theft Concerns*ExpressVPN Bug Exposes DNS Requests Over Years, Compromising User Privacy*New Variant of MoqHao Android Malware Operates Without User Interaction*Zardoor Backdoor Stealthily Targets Saudi Islamic Charity Organization*New Ivanti Authentication Bypass Flaw Impacts Connect Secure and ZTA*Raspberry Robin Exploits New One-Day Vulnerabilities, Enhancing Stealth and Persistence*Advanced macOS Malware Disguised as Visual Studio Update*Hyundai Motor Europe Hit by Black Basta Ransomware Attack*Ransomware Attack Paralyzes Municipality of Korneuburg, Austria*Microsoft Reveals New Windows 11 Feature: 'Sudo for Windows'*LastPass Users at Risk from Counterfeit App on Apple App Store*Escalating Iranian Offensive Cyber Operations Amid Israel-Hamas Conflict*Analysis of HijackLoader Malware's Enhanced Defense Evasion Techniques*APTs Exploit FortiOS Vulnerabilities in Critical Infrastructure Attacks*Vulnerabilities in Cisco's Enterprise Communication Devices are Patched*Google's Pilot Program Targets Financial Fraud by Blocking Risky Android APKs*No Evidence of 3 Million Electric Toothbrushes Used in DDoS Attack*Shim Vulnerability Poses Critical Risk to Majority of Linux Systems, Allowing Complete Compromise*Security Flaw Exposes User Data in Spoutible, Prompting Concerns and Remedial Actions*Danish Data Protection Authority Issues Injunction on Student Data Transfer to Google*66,000 Individuals Impacted by SIM-Swapping Attacks Targeting US Insurance Giants*Researchers Expose DiceLoader Malware Targeting Corporate Businesses*U.S. Agencies Issue Warning on Chinese Cyber-Espionage Group's Threat to Critical Infrastructure*Canon Mitigates 7 Critical Flaws in Small Office Printers with Urgent Patches*Fortinet Addresses Critical Flaws in FortiSIEM with Immediate Patches*False Facebook Job Ads Spreading 'Ov3r_Stealer' to Take Crypto and Credentials*JetBrains Alerts of Fresh Authentication Bypass Vulnerability in TeamCity*Verizon Insider Data Breach Impacts Over 63,000 Employees*New Vulnerabilities Uncovered in Azure HDInsight Spark, Kafka, and Hadoop Services*Android Addresses Critical Remote Code Execution Vulnerability with Patch*Pennsylvania Courts Website Targeted in Denial-of-Service (DoS) Attack Disruption*French Healthcare Firm Viamedis Faces Cyberattack, Potentially Impacting Millions*AI SPERA Introduces Criminal IP ASM on Microsoft Azure Marketplace*Dutch Ministry of Defence Targeted in Chinese State-Sponsored Cyberattack*Cybercriminals Exploit Job Boards, Pilfering Millions of Resumes and Personal Data*ApateWeb: Cybercriminals Exploit Over 130,000 Domains for Large-Scale Cyber Attacks*Employee Falls Victim to $25.6M Deepfake Scam Involving AI-Generated CFO*Microsoft Investigating Outlook Security Alerts Issue with .ICS Calendar Files*Mitsubishi Electric Discloses Critical Vulnerabilities in Factory Automation Products*Ivanti SSRF Zero-Day Actively Exploited at Scale, Warns Security Researchers*Institute of Statistics in Albania Targeted by Iranian-Linked Hackers*US Implements Visa Ban for Individuals Tied to Commercial Spyware Misuse*NSO Group's Pegasus Spyware Targets Jordanian Activists and Journalists*VajraSpy Malware Infecting Android Devices by using Patchwork's Romance Scam*"Commando Cat", a new Cryptojacking Campaign Strikes Exposed Docker APIs*QNAP Addresses High-Severity Vulnerabilities in QTS and Qsync Central with Patches*A Cybercrime Operation Carried out by Interpol, Synergy, Takes Down 1,300 Servers*Lurie Children's Hospital Halts IT Systems in Response to Cybersecurity Event*APT28: Russian Hackers Utilize NTLM Relay Attacks to Target High-Value Organizations*Leaky Vessels Flaws Allow Unauthorized Escape from Docker and runc Containers*DirtyMoe Malware Strikes Over 2,000 Computers in Ukraine, Engaging in DDoS Attacks and Cryptojacking*Latest Mispadu Banking Trojan Exploits Windows SmartScreen Vulnerability*South African Railways Suffers Over $1 Million Loss Due to Phishing Scheme*Critical Mastodon Flaw Enables Hijacking of Any Decentralized Account by Hackers*Clorox Reveals $49 Million in Costs Resulting from Cyberattack*AnyDesk Confirms Breach of Production Servers, Urges Users to Update Software and Change Passwords*CISA Alert: Critical Security Vulnerabilities in Moby and OCI Components*Unauthorized Access to Cloudflare via Compromised Okta Auth Tokens*Romanian Parliament Faces Cybersecurity Breach, Exposing Officials' Confidential Information*PurpleFox Malware Spreads Across Thousands of Computers in Ukraine*CISA Urges Enhanced Security for SOHO Routers against Volt Typhoon Threats*FTC Mandates Enhanced Security Measures for Blackbaud Following Major Data Breach*FritzFrog's Return: Unleashing Log4Shell and PwnKit Exploits to Propagate Malware in Network Infrastructures*Global Affairs Hit by Cyberattack, Initiates Shutdown of Computer Systems for Remediation*HeadCrab 2.0 Embraces Fileless Strategy, Focuses on Exploiting Redis Servers for Cryptocurrency Mining*CISA Issues Alert on Active Exploitation of Critical Flaws in Apple iOS and macOS*Android Local Elevation Flaw Exploit Unleashed, Affecting 7 OEMs*Fintech Giant Direct Trading Technologies Faces Data Leak Impacting Over 300K Traders*Cybercriminals Leveraging Ivanti VPN Vulnerabilities to Distribute KrustyLoader Malware*UNC4990 Strikes Italian Businesses with Weaponized USBs, Unleashing Cryptojacking Malware*Telegram's Role in Cybercrime: Easy-to-Use Kits and Malware Fueling a Surge in Phishing Attacks*Johnson Controls Reports $27 Million Cost and Data Breach from Ransomware Attack*Ivanti Issues Alert on Actively Exploited Zero-Day in Connect Secure Product*Mercedes-Benz Source Code Exposed Due to Mishandled GitHub Token*Critical Workspace Creation Flaw in GitLab Requires Immediate Upgrade to Mitigate File Overwrite Risk*Web-Based Ransomware Decryption Tool Facilitates Recovery of Partially Encrypted Files*The Mother of All Breaches: Massive Release of 26 Billion Records Exposes LinkedIn, Twitter, and Major Organizations*Threat Actors Sell 1.8TB Database of Personal Information for 750 Million Indian Mobile Users*Ukrainian Prisoners of War Oversight Agency Faces Cybersecurity Breach*Newly Discovered glibc Vulnerability Enables Attackers to Attain Root Access on Major Linux Distributions*DarkGate Malware Spread Through Microsoft Teams Phishing in Group Chats*Italian Data Protection Authority Accuses ChatGPT of Privacy Violations Under GDPR*ZLoader Malware Resurfaces with 64-bit Windows Compatibility in Latest Variant*Juniper Networks Issues Critical Junos OS Updates to Address High-Severity Vulnerabilities*Rising Threat: Albabat, Kasseika, Kuiper - Emergence of New Ransomware Gangs Leveraging Rust and Golang*Outlook Vulnerability Reveals NTLM Passwords, Researchers Warn*Schneider Electric Faces Cactus Ransomware Attack with Threats of Data Leak*FBI Warns of Tech Support Scams Employing Couriers for Money Collection*Keenan & Associates Alerts 1.5 Million Individuals to Data Breach Following Summer Cyberattack*Outlook Apps Encounter Connectivity Issues with Outlook.com, Microsoft Investigating*45,000 Jenkins Servers Vulnerable to RCE Attacks Through Public Exploits*Microsoft Teams Faces Second Outage in Three Days, Disrupting Services in North and South America*Critical Jenkins Vulnerability (CVE-2024-23897) Poses RCE Threat*Malicious PyPI Packages Deliver WhiteSnake InfoStealer Malware to Windows Systems*Vulnerabilities in Westermo Lynx Switches Pose Risks for Industrial Organizations*Ukraine's Major Energy, Postal, and Transportation Entities Targeted in Cyberattacks*Pegasus Spyware Targets Mobile Devices of Journalists in Togo*AllaKore RAT Malware Targets Mexican Companies Using Financial Fraud Techniques*Healthcare Provider Alerts 4 Million Patients Regarding Data Breach at Perry Johnson & Associates (PJ&A)*Ransomware Strikes Kansas City Public Transportation Authority*Microsoft Issues Alert on Expanding APT29 Espionage Campaign Targeting Global Organizations*Malicious Google Ads Target Chinese Users in Ongoing Malvertising Campaign*Critical Cisco Flaw Enables Remote Takeover of Unified Communications Systems*23andMe Confirms Data Breach: Attackers Exfiltrate Raw Genotype Data and Health Reports*Blackwood Hackers Exploit WPS Office Update Mechanism for Malware Installation*LODEINFO Fileless Malware Advances with Enhanced Anti-Analysis and Remote Code Techniques*Mozilla Addresses 15 Vulnerabilities, Including Five High-Severity, in Firefox and Thunderbird Updates*EquiLend Faces Disruptions Following Cyberattack, Initiates Investigation and Restoration Efforts*BuyGoods.com Exposes 198GB of Internal and User Personally Identifiable Information (PII) and Know Your Customer (KYC) Data*Critical Google Kubernetes Misconfiguration Allows Any Gmail Account to Control Clusters*AI Expected to Escalate Ransomware Threat in the UK Over Next Two Years, Warns NCSC*Pwn2Own Automotive 2024: Tesla Breached with Demonstration of 24 Zero-Day Exploits*Russian Hackers Infiltrate Email Accounts of HPE Security Team*Credential Stuffing Attack Affects Potential 340,000 Jason’s Deli Customers*Lamassu Bitcoin ATMs Exposed to Exploits, Allowing Potential Wallet Draining*Kasseika Ransomware Exploits Antivirus Driver to Disable Competing Security Software*DDoS attacks are moving from megabits to terabits, according to Gcore Radar*Malicious NPM Packages Compromise Developer SSH Keys, Exfiltrate Data via GitHub*Fortra GoAnywhere MFT Authentication Bypass Vulnerability Exploited with Release of Exploit Code*Ransomware Attack Strikes Veolia North America's Water Services Operations*Active Exploitation: Critical Confluence Remote Code Execution Vulnerability Targeted in 40,000 Attacks Within 3 Days*AerCap, Global Aviation Leasing Leader, Falls Victim to Ransomware Attack*Apple Releases iOS 17.3, Issues Warning on WebKit Zero-Day Exploits*Stealthy Malicious Web Redirect Scripts Concealed Within Compromised Websites*Apple Swiftly Addresses 2024's First Zero-Day Exploit with Critical Security Updates*North Korean Hackers Exploit Fake Research to Deploy RokRAT Backdoor*Splunk Enterprise Addresses High-Severity Vulnerability in Latest Patches*Apache ActiveMQ Vulnerability Exploited in Recent Wave of Godzilla Web Shell Attacks*Java and Android Vulnerability: MavenGate Attack Poses Security Threat, Allowing Hackers to Hijack Systems via Abandoned Libraries*MacOS Backdoor: The Lucrative Threat of Cracked Software Stealing Cryptowallets Surpasses Gold*SEC Affirms X Account Compromised in SIM-Swapping Incident*VMware Addresses Critical Code Execution Vulnerability in vCenter Server with Security Updates*VF Corporation, Owner of Vans and The North Face, Discloses Ransomware Breach Impacting 35 Million Individuals*NS-STEALER Exfiltrates Secrets from Popular Web Browsers by Using Discord Bots*Critical Vulnerabilities Discovered in Leading Open Source AI/ML Platforms*Brave Browser Discontinues 'Strict' Fingerprinting Protection Due to Website Compatibility Issues*Ransomware Attack by Tietoevry Results in Disruptions for Swedish Companies and Municipalities*Ransomware Attacks Utilize TeamViewer for Network Breaches*Developer Charged with Hacking Following Disclosure of Cybersecurity Concerns*Cyberattack Disrupts IT Network and Services at Kansas State University*Docker Hosts Compromised in Ongoing Scheme for Website Traffic Theft*Unpatched Vulnerabilities in Rapid SCADA Pose Risks to Industrial Systems*Vulnerability in TensorFlow CI and CD Exposes Supply Chain to Poisoning Attacks*Google Detects Deployment of Spica Backdoor Malware by Russian FSB Hackers*Inferno Drainer's Scam-as-a-Service Drains 87 Million Dollars from 137000 Victims*PixieFail UEFI Vulnerabilities Pose Risks of Remote Code Execution, Denial of Service, and Data Theft for Millions of Computers*GitHub Rotates Keys to Mitigate Credential-Exposing Vulnerability*VMware Issues Urgent Patch for Critical Aria Automation Flaw*LeftoverLocals Attacks Expose AI Data Leak in GPUs from AMD, Apple, and Qualcomm*A Botnet Bigpanzi has Infected 170,000 Android TV Boxes with Malware*Microsoft Warns of Iranian Hackers Using Fresh MediaPl Malware to Target Researchers*Exposes Pegasus Spyware on iPhone with a New iShutdown Method*PAX PoS Terminal Vulnerability Enables Transaction Tampering by Attackers*Have I Been Pwned adds 71 Million Emails from NazAPI Stolen Account Dataset*Oracle Addresses 200 Vulnerabilities in January 2024 Critical Patch Update*Atlassian Alerts Critical Remote Code Execution Vulnerability in Confluence Versions*Google Addresses First Actively Exploited Chrome Zero-Day of 2024*FBI and CISA Issue Alert as Androxgh0st Malware Botnet Targets AWS and Microsoft Credentials*New Attack Wave Spreads Remcos RAT Through Adult Games*Ransomware Attack Hits Majorca's Calvia City, Extortionists Demand $11 Million*Critical Zero-Day Vulnerabilities in Citrix Netscaler Exploited*MyFlaw Security Flaw in Opera Browser Exposes Mac and Windows Users to File Execution Attacks*Balada Injector Exploits Plugin Vulnerability, Compromising 7,100 WordPress Sites*Windows SmartScreen Vulnerability Exploited to Deliver Phemedrone Malware*High-Severity Vulnerabilities Detected in Bosch Thermostats and Smart Nutrunners*Over 178,000 SonicWall Firewalls Exposed to DoS and Potential RCE Vulnerabilities*Microsoft Working on Fix for Windows 10 0x80070643 Errors in KB5034441 Update Installation*Lush, UK Cosmetics Retailer, Confirms Cyberattack*Ivanti Connect Secure Exploited with Zero-Days to Deploy Custom Malware*GitLab Issues Warning on Critical Zero-Click Account Hijacking Vulnerability*Cryptominers Targeting Misconfigured Apache Hadoop and Flink with Rootkit*Critical Remote Code Execution Vulnerability Discovered in Juniper SRX Firewalls and EX Switches*CISA Warns of Actively Exploited Critical Microsoft SharePoint Vulnerability*Atomic Stealer Upgrade Targets Mac Users with Encrypted Payload*Microsoft Releases Script for Updating Windows 10 WinRE with BitLocker Fixes*Python-Powered FBot Hacking Toolkit Targets Cloud and SaaS Platforms*Major T-Mobile Outage Disrupts Account Access and Mobile App Functionality*Risk Emerges for ERP Systems as New Proof-of-Concept Exploit Targets Apache OFBiz Vulnerability*Critical Vulnerabilities Expose 150k WordPress Sites to Takeover Risk Through POST SMTP Mailer Plugin*Framework Computer Reveals Data Breach Following Phishing Attack on Accountant*Data Breach at Fidelity National Financial Exposes Personal Information of 1.3 Million Individuals*Pro-Ukraine Hackers Retaliate, Breach Russian ISP in Response to Kyivstar Attack*Free Decryptors Unveiled for Victims of Black Basta and Babuk's Tortilla Ransomware*Hathway Faces Data Breach as Hacker Leaks KYC Data of 4 Million Users*Cisco Addresses Critical Unity Connection Bug Allowing Attackers to Obtain Root Privileges*The Newest Mirai-Based Botnet Exploiting SSH Servers for Cryptocurrency Mining*Saudi Ministry Exposes Sensitive Data, Posing Substantial Cybersecurity Threat*Significant Data Breach Raises Alarm Over Potential Exposure for Entire Brazilian Population*Water Curupira Hackers Unleash PikaBot Loader Malware in Ongoing Cyber Threat Campaign*Turkish Hackers Targeting Weakly Secured MSSQL Servers for Global Ransomware Attacks*CISA Adds Six Actively Exploited Vulnerabilities to KEV Catalog Affecting Apple, Adobe, Apache, D-Link, and Joomla Products*Security Flaws Discovered in QNAP and Kyocera Device Manager*Windows 10 KB5034122 Update Addresses Shutdown Bug*Microsoft Patch Tuesday Security Advisory - January 2024*Fake Hack-Back Offers Target Ransomware Victims, Warns Cybersecurity Firm*CISA Issues Warning on Exploitation of Apache Superset Vulnerability*Beirut International Airport experienced a cyber attack*NoName Group's DDoS Assault Targets Ukrainian Government Websites*Maldives Government Websites Recover After Cyberattack Amid Diplomatic Strains*North Korea's DPRK Hackers Pilfered $600 Million in 2023 Cryptocurrency Heist*NIST Highlights Security and Privacy Risks Amid Swift Deployment of AI Systems*Cross Switch Faces Data Breach and 3.6 Million Records Potentially Compromised*Hackers Exploit Netgear and Hyundai X Accounts for Crypto Draining Scams*Toronto Zoo Confirms Ransomware Attack Had Zero Impact on Animal Wellbeing*Syrian Cyber Group Unleashes Destructive SilverRAT Threat*Sea Turtle Cyber Espionage Campaign Strikes Dutch IT and Telecom Sectors*Cyberattack on loanDepot Mortgage Firm Disrupts IT Systems and Payment Portal*Cyberattack Strikes Municipal Systems in West Virginia City*Ivanti Warns of Critical EPM Vulnerability Allowing Device Hijacking*Cyber Partisans Hacktivist Group Targets and Shuts Down Belarusian News Agency BelTA*Pays Fouesnantais and France's Township Faces Municipal Service Disruption after Cyberattack*New macOS Backdoor Threat SpectralBlur Linked to North Korean Hackers*New Variant of Bandook RAT Targets Windows Machines*Hackers Exploit Vulnerabilities in Apache RocketMQ Servers for RCE Attacks*Data Breach at Now-Defunct Ambulance Service Affects Nearly 1 Million Individuals*In an assault on KyivStar, Russian hackers erased thousands of Systems*UAC-0050 Adopts Novel Phishing Strategies for Dispensing Remcos RAT*Mandiant’s Twitter Account Recovered Following Six-Hour Crypto Scam Breach*Malware Exploiting Google MultiLogin Vulnerability to Persist After Password Reset*Linux Targeted by 3 Malicious PyPI Packages Deploying Crypto Miners*SMTP Smuggling Flaw Enables Attackers to Bypass Security and Spoof*CISA Alert: Actively Exploited Vulnerabilities Found in Chrome and Excel Parsing Library*Australian Court Service Faces Breach, Hearing Recordings Potentially Compromised*Xerox's U.S. Subsidiary XBS Falls Victim to Breach as Ransomware Gang Leaks Data*Orbit Chain's $86 Million Loss in Year-End 2023 Fintech Hack*Android Game Developer's Google Drive Misconfiguration Exposes Cloud Security Risks*Windows 10 and 11 Face New DLL Search Order Hijacking Variant, Evading Protections*Kimsuky Hackers Utilize AppleSeed, Meterpreter, and TinyNuke in Recent Attacks*New Malware 'JinxLoader' Delivering Formbook and XLoader Threats*EasyPark Reveals Data Breach Affecting Potentially Millions of Users*Anna Jaques Hospital's Computer System Compromised in Cyberattack*Albanian Parliament and Telecom Company Targeted in Cyberattacks*Lockbit Ransomware Causes Emergency Care Disruption in German Hospitals*Russian Military Hackers Unleash New MASEPIE Malware in Targeted Campaign Against Ukraine*Ransomware Attack Strikes Trinidad and Tobago's Social Security Agency*Microsoft Takes Action to Safeguard Against Malicious Exploitation, Disabling MSIX Protocol Handler*Chinese Hackers Exploit Fresh Zero-Day in Barracuda's ESG Appliances*Critical Zero-Day Vulnerability in Apache OfBiz ERP System Poses Business Threat*Corewell Health Faces Another Data Breach, Affects Over 1 Million Patients*DragonForce Ransomware Claims Cyberattack on Ohio Lottery*LoanCare Notifies 1.3 Million Individuals Regarding Data Breach*Microsoft Word docs used to impersonate the Nepali government in a Nim-based campaign*Cyber-Phishing Attacks with Cryptocurrency Drainers are on the Rise*A New Ransomware Variant of Carbanak Banking Malware has been Discovered*Android or Xamalicious Stealth Backdoor Actively Infecting Devices*Reports of a Data Breach have been Investigated by Video Game Giant UBISOFT*LONEPAGE Malware Targets Ukrainian Companies with UAC-0099 Exploit Based on WinRAR*ESET Resolves High-Severity Flaw in Multiple Product's Secure Traffic Scanning*The Iranian Hackers have Developed a New Backdoor for Hacking Windows*Cloud Atlas' Targeted Spear-Phishing Strikes: Russian Agro and Research Firms Under Attack*New Instagram Phishing Campaign Targets 2FA Backup Codes*Indian government Entities Targeted by Rust-based Malware*WordPress Plugin Breach: E-Commerce Sites Vulnerable to Credit Card Theft*Europol Alerts to 443 Online Stores Infected with Credit Card Theft Scripts*Ubisoft Initiates Investigation into Recent Reports of Security Breach*Akira Ransomware Group Takes Credit for Cyberattack on Nissan Australia*Mint Mobile Reveals Fresh Data Breach, Unveiling Customer Information Exposure*Chrome Extensions Forcing 1.5 million Fake VPNs to be Installed*Chameleon Android Malware Disables Fingerprint Unlock to Pilfer PINs*OpenAI Addresses ChatGPT Data Leak with Imperfect Fix Rollout*Cyberattack Forces First American to Shut Down IT Systems*A New FalseFont Malware Title Targets Defense Firms, According to Microsoft*Healthcare Software Provider's Data Breach Affects 2.7 Million Patients*Google Addresses the Eigth Actively Exploited Zero-Day Vulnerability in Chrome*Critical Pre-Auth Stack Buffer Overflows Affect Ivanti Avalanche*F5 BIG-IP Zero-Day Alert Emails Spreading Data-Wiping Malware*HCL Technologies Faces Ransomware Attack: Ongoing Investigation Underway*FBI Disrupts BlackCat Ransomware Operation and Develops Decryption Tool*FBI Reveals ALPHV Ransomware Profited $300 Million from 1,000 Victims*The Terrapin attack can compromise the security of OpenSSH connections*GitHub Exploited by Hackers to Skirt Detection and Compromise Hosts*Web Injections Campaign Targets 50000 Users, Stealing Banking Data in Ongoing Threat*Mr. Cooper Data Breach Exposes 14.7 Million Individuals to Security Risks*Iran's Gas Stations Hit by Suspected Cyberattack, Causing Widespread Disruption*Microsoft Reveals High-Severity Remote Code Execution Flaw in Perforce Helix*Xfinity Reveals Data Breach Following Citrix Server Hack*Customer Data Exposed in Cyberattack on MongoDB, Company Confirms*Qbot Malware Resurfaces in Phishing Campaign Aimed at Hospitality Sector*Google Phishing Ads Target WordPress Hosting Provider Kinsta*Rhadamanthys Stealer Malware Advances with Enhanced Capabilities*Ransomware Threats Target Patients of Fred Hutch Cancer Center*3CX Issues Warning to Disable SQL Database Integrations*Data Breach at Delta Dental of California Exposes Personal Information of 7 Million Individuals*U.S. Nuclear Research Lab's Data Breach Affects 45,000 Individuals*A Cryptocurrency Wallet Supply Chain Attack Stole $600K from Ledger dApps*NKAbuse Malware Leveraging NKN Blockchain for Covert Comms*Kraft Heinz Probes Alleged Hack, Assures Normal System Operations*Hackers Hijack SOHO Routers and VPN Devices with Stealthy KV-Botnet*Phishing Evolution: BazarCall Adopts Google Forms for Credible Deception*CISA Warns of Russian Hackers Targeting TeamCity Servers Since September*Microsoft Takes Control of Domains Selling Fake Outlook Accounts*Hackers Leverage Public PoC to Exploit Critical Flaw in Apache Struts*1,450 Exposed pfSense Servers Vulnerable to RCE Attacks via Bug Chain*Booking-Themed Scam Unleashes New MrAnon Stealer Malware, Targets German Users*Threat Actor Exploits Recruiters with Malicious More Eggs Backdoor Malware*Microsoft Warns of OAuth App Exploitation for BEC and Cryptomining Attacks*Sophos Proactively Backports Remote Code Execution (RCE) Fix for Unsupported Firewalls Post-Attacks*Russian APT28 Launches Cyber Espionage Campaign Across 13 Nations*Microsoft Patch Tuesday Security Advisory - December 2023*HTML Injection Bug in Counter-Strike 2 Exposes Players' IP Addresses*University of Wollongong Confirms Data Breach and Alerts Authorities*Americold, Cold Storage Giant, Confirms Data Breach After Malware Attack in April*Critical Bug in Backup Migration Plugin Exposes 50K WordPress Sites to RCE Attacks*Emergency Apple Updates Address Zero-Day Vulnerabilities in Older iPhone Models*Researchers have Unmasked Sandman APT's Hidden Connection to China's KEYPLUG Backdoor*The Lazarus Hackers have Released a New RAT Malware Using a Two-Year-Old Bug in Log4j*A Record 2.6 Billion Users Records have been Exposed by Apple, but End-to-End Encryption Wins Out*The AutoSpill Attack Steals Passwords from Android Password Managers*Ransomware Gang Confirms Cyber Hit on California Hospital*Norton Healthcare Reveals Data Breach Following May Ransomware Attack*New HeadCrab Variant Exploits Redis Servers for Root Access*Google Drive Users Continue to Face Challenges Despite Proposed Fix for File Recovery*Email Sending Challenges in Microsoft Outlook for Users with Extensive Folders*5Ghoul Vulnerability Strikes Qualcomm and MediaTek Chip-Powered 5G Phones*Iranian Threat Poses Risk to Israel's Critical Infrastructure Through 'Polonium' Proxy*New Bluetooth Vulnerability Enables Hackers to Seize Control of Android, Linux, macOS, and iOS Devices*WordPress Resolves POP Chain Vulnerability, Safeguarding Websites Against RCE Exploits*Data Breaches at Two Cambridge Hospitals are Caused by Excel Spreadsheets*Microsoft Alerts on COLDRIVER's Adaptive Evasion Techniques and Credential Theft Strategies*Russian State-Sponsored Hackers Target NATO Rapid Response Corps in Cybersecurity Breach*Linux Servers are Infected with the Krasue RAT Malware using Embedded Rootkits*North Korean Hacker Group Andariel Targets South Korean Companies, Stealing Defense Secrets*Austal USA, Navy Contractor, Confirms Cyberattack and Data Leak*US Senator Exposes Government Surveillance via Mobile Notifications on Apple and Google Users*Qualcomm Discloses Exploited Chip Flaws in Targeted Attacks*Intel and AMD CPUs are Vulnerable to SLAM Attacks that Steal Sensitive Data*Critical Infrastructure Routers Face 21 Sierra Vulnerabilities*Nissan Proactively Investigating Cybersecurity Incident and Assessing Potential Data Breach*Critical Remote Code Execution Vulnerabilities Patched in Various Atlassian Products*Go Module Repositories on GitHub: The Growing Threat of Repojacking*Kali Linux 2023.4 Features GNOME 45 and 15 New Tools in Latest Release*Cyberattack Confirmed by HTC Global Services after Data was Leaked*23andMe Confirms Hackers Accessed Data from Millions of Users*Thousands of Israeli Hospital Documents have been Leaked by Iran-Linked Hackers*U.S. Government Agencies Compromised Through Exploitation of Adobe ColdFusion Vulnerability by Hackers*WALA, International Dog Breeding Organization, Reveals 25GB of Pet Owners' Data*Beware: iPhone Users Alerted to Deceptive Fake Lockdown Mode Attack*The SpyLoan Android Malware has been Downloaded 12 Million Times from Google Play*Android Security Updates for December 2023 Address 85 Vulnerabilities, Including a Zero-Day RCE Vulnerability*More than 20,000 Microsoft Exchange Servers at Risk of Exploitation in Cyber Attacks*WeMystic Fortune-Telling Platform Exposes Over 13 Million User Records*Tipalti Probes Allegations of Data Breach Amid Ransomware Attack*Microsoft Issues Alert on Malvertising Campaign Propagating CACTUS Ransomware*The Fake Security Advisory Pushes Backdoor Plugins for WordPress*Russian Cyber Threat Actors Exploit Outlook Vulnerability to Hijack Exchange Accounts*AeroBlade Hackers Target U.S. Aerospace Sector in Fresh Campaign*MIPS Devices are Targeted by a Stealthier Version of P2Pinfect Malware*Revolutionizing Browsing: Google Chrome's Cache Update*Hospitals are urged to patch Citrix Bleed bug*Since 2017, North Korea's State Hackers Have Stolen $3 Billion in Crypto*Pirated Software Distributes Proxy Malware Targeting Mac Users*Qilin Ransomware Linux Variant Concentrates on Targeting VMware ESXi*Berglund Management Group Discloses Data Breach Affecting Over 50,000 Individuals in the US*VMware Resolves Critical Authentication Bypass in Cloud Director After 2 Weeks of Unpatched Vulnerability*Microsoft Windows KB5032278 Update Introduces Copilot AI Assistant, Addresses 13 Bugs*Newly Discovered Agent Raccoon Malware Exploited by Hackers to Create Backdoors in US Systems*Chinese Hackers Employ SugarGh0st RAT in Targeting South Korea and Uzbekistan*FjordPhantom Android Malware Employing Virtualization for Evasion Tactics*North Carolina's Hendersonville Exposes Employee Data in Thanksgiving Cybersecurity Breach*Zyxel Issues Warning on Critical Vulnerabilities Found in NAS Devices*Staples Confirms Cyberattack as Cause for Service Disruptions and Delivery Challenges*JAXA, Japan's Space Agency, Falls Victim to Cyberattack*Apple Addresses Two New iOS Zero-Day Vulnerabilities with Emergency Updates*UEFI Code Vulnerabilities Exploitable for Bootkit Implantation Through Image Files*Cybersecurity Incident Impacts Capital Health Hospitals, Resulting in IT Disruptions*Numerous Undisclosed secrets discovered within application images on Docker Hub*A Ransomware Attack Exploits Qlik Sense Flaws to Infect Networks with Cactus Ransomware*Hackers Compromise US Water Facility Through Exposed Unitronics PLCs*Third-Party Data Breach Affects 2 Million Individuals at Dollar Tree*Automotive Giant Yanfeng Hit by Qilin Ransomware Attack*Egyptian E-Payment Provider Recovers After LockBit Ransomware Attack*US Authorities Seize Sinbad Cryptocurrency Mixer Utilized by North Korean Lazarus Hackers*Okta Data Breach in October Impacts All Users in Customer Support System*Play Ransomware Group Targets 17 Victims, Including 14 US-Based Companies*New 'Xaro' Variant of DJVU Ransomware Poses as Cracked Software to Deceive Users*Experts Warn of More than 200 Malicious Android Apps Targeting Iranian Banks*Rapid Exploitation of Critical ownCloud Vulnerability in the Wild*Google Addresses the Sixth Actively Exploited Zero-Day Vulnerability in Chrome for 2023*Critical Vulnerability Uncovered in Ray AI Framework*Bluetooth Vulnerability BLUFFS Allows Attackers to Take Command of Connections*Hackers Can Exploit the 'Forced Authentication' Feature to Steal Windows NTLM Tokens*Government of Serbia accused of using Military-grade Spyware against Critics*DP World Admits Cybersecurity Breach in Australia, Reveals Data Theft Without Ransomware Deployment*North Korean Cyber Actors Utilize Hybrid macOS Malware Tactics for Enhanced Stealth and Evasion*Ransomware Breach Strikes Slovenia's Primary Power Giant, HSE*Ransomware Attack Disrupts Ardent Hospital Emergency Rooms Across Six States*Gulf Air Experiences Data Breach, Assures No Impact on Critical Operations*Ukraine Claims Successful Hack into Russian Aviation Agency, Leaks Data*QRadar SIEM Vulnerability Enables Remote Attackers to Initiate Denial of Service Attacks*Ransomware Strike Erases All Player Accounts for Indie Game Developer*Rivers Casino Customers and Employees' Sensitive Data has been Compromised by Hackers*Rhysida Ransomware Gang Claims Breach of China Energy*Google Drive Users Frustrated After Losing Months of Stored Data*Appscook, School App Developer, Exposes Sensitive Data of Hundreds of Children*The General Electric Company investigates claims of cyber attack and data theft*KyberSwap Reports $54.7 Million in Cryptocurrency Stolen in Cyberattack*APT Attacks Targeting the Afghan Government Use a New Web Shell Called HRServ.dll*Supply-Chain Attack Unleashes Zero-Day Exploit in UK and South Korea Cybersecurity Incident*Israel Targeted by Rust-Powered SysJoker Backdoor in Cyberattacks Linked to Hamas*Confidential Kubernetes Secrets from Fortune 500 Enterprises Unveiled in Public Repositories*OwnCloud File Sharing App Vulnerability Exposes Admin Passwords*Neanderthals Exploit Telegram Bot "Telekopye" for Large-Scale Phishing Scams*Data Breach Exposes Personal Information of 27,000 Members of NYC Bar Association*CTS Cyberattack Rattles Dozens of UK Law Firms*Germany's Federal Bar Association Probes Ransomware Attack*Kansas Courts Affirm Data Breach and Ransom Request Following Cyberattack*Latest Attacks by Konni Group Utilize Malicious Word Documents in Russian Language*The Black Basta Ransomware Group has Compromised New Targets*Widespread Distribution of New WailingCrab Malware Loader Through Shipping-Related Emails*Indian Railway Catering and Tourism Corporation (IRCTC) Suffers Server Down Affecting E-Ticket Booking*Expansion of ClearFake Campaign Takes Aim at Mac Systems with Atomic Stealer*Windows Hello Authentication Bypass Identified on Microsoft, Dell, and Lenovo Laptops*North Korean Threat Actors Employ Malware Campaigns Disguised as Job Recruiters and Seekers*Data Breach at Welltok Exposes Information of 8.5 Million US Patients*Tmax Enterprise software provider Experiences Data Breach, Exposing 2 Terabytes of Information*Microsoft Reports CyberLink Breach by Lazarus Hackers in Supply Chain Attack*Dragon Touch Children's Tablet Compromised by Corejava Malware*Fresh Botnet Malware Leverages Pair of Zero-Day Vulnerabilities to Target NVRs and Routers*CISA Issues Urgent Directive for Immediate Response to Looney Tunables Linux Vulnerability*Wolf Haldenstein Adler Freeman & Herz LLP Issued a Data Breach Alert on Midwest Gaming & Entertainment, LLC.*AutoZone Alerts of Data Breach Due to MOVEit Vulnerability*Hacktivists Breach U.S. Nuclear Research Lab, Compromising Employee Data*CISA's Cybersecurity Guide: Safeguarding Healthcare and Public Health Organizations*Play Ransomware Shifts to Commercial Model, Offered as Service to Cybercriminals*Deceptive Campaign Aims at Indian Android Users, Impersonating Banks and Government Bodies*Latest Agent Tesla Malware Iteration Employing ZPAQ Compression in Email-Based Assaults*South China Sea Tensions Prompt Mustang Panda Hackers Target Philippines Government*Critical Vulnerability in Industrial Refrigeration Products Patched by Johnson Controls*LittleDrifter USB Malware Linked to Gamaredon Spreads Outside Ukraine*Contractor Hacks Lead to Canadian Government's Data Breach Disclosure*Apache ActiveMQ RCE Exploited by Kinsing Malware to Install Rootkits*New Version of LummaC2 Malware Unveils Innovative Trigonometry-Based Anti-Sandbox Technique*Increase in NetSupport RAT Infections: Targeting Government and Business Sectors*Phobos Ransomware Accuses VX-Underground Malware Collective of Framing*Indian Hackers Targeting U.S., China, and Other Nations for More Than Ten Years*FCC Implements New Regulations Safeguarding Consumers Against SIM-Swapping Threats*RSA Keys Extracted from SSH Server Signing Errors by Researchers*Russian Hackers Exploit WinRAR and Ngrok Features in Embassy Attacks*Yamaha Motor's Philippine Subsidiary Hit by Ransomware Assault*Discord Phishing Scam Emerges Following Bloomberg Crypto X Account Mishap*CISA Adds Three Actively Exploited Vulnerabilities in Windows, Sophos, and Oracle into KEV Catalog*Vietnam Post Corporation Leaks 1.2TB of Data, Revealing Email Addresses of Employees*Deceptive Google Ads Lure WinSCP Users into Installing Malicious Software*Security Researchers Uncover Malicious Packages on PyPI and NPM Repositories Targeting Developers*Fortinet Alerts Users to Critical Command Injection Vulnerability in FortiSIEM*Experts Reveal DarkCasino as New APT Threat Leveraging WinRAR Security Flaw*Ransomware Group Lodges SEC Complaint Regarding Victim's Unreported Breach*Exploitation of Zimbra Email Software's Zero-Day Flaw by Four Hacker Groups*Toyota Acknowledges Security Breach as Medusa Ransomware Threatens Data Leak*Significant Data Breach Reported at Smart WiFi Provider Plume by Alleged Hackers*Long Beach, California Shuts Down IT Systems Following Cyberattack*FBI Exposes Tactics Used by the Notorious Scattered Spider Hacker Group*Google Workspace and Cloud Platform Vulnerable to Potential Ransomware Exploits*FBI and CISA Alert on Opportunistic Rhysida Ransomware Attacks*Toronto Public Library Acknowledges Data Breach in Ransomware Attack*North Carolina County Faces Unauthorized Data Access in Cyberattack by Hackers*Australian Agency Raises Alarm Over Threat from State-Supported Hackers*Dolly.com's Ransom Payment Doesn't Stop Attackers from Releasing Data*Latest PoC Exploit for Apache ActiveMQ Vulnerability Enables Low-Profile Attacks*Denmark's Critical Infrastructure Faces Largest Coordinated Cyberattack, Targeting 22 Energy Firms*PJ&A Cyberattack Exposed Nearly 9 Million Patient Records*Recent Data Breach Impacts Customers of Samsung's UK Store*FBI Announces Success in Disrupting IPStorm Botnet and Its 23,000 Malicious Proxies*Targeted Attacks on MySQL Servers and Docker Hosts Using DDoS-Enabled Malware Detected by Researchers*LockBit Ransomware Exploits Citrix Bleed Vulnerability, Exposing 10,000 Servers in Attacks*Truepill Pharmacy Platform Reports Data Breach Affecting 2.3 Million Customers*VMware Reveals Critical Authentication Bypass in VCD Appliance Without Available Patch*New Reptar CPU Bug Impacts Intel's Desktop and Server Systems*Vulnerability in WP Fastest Cache Plugin Puts 600k WordPress Sites at Risk of Attacks*Vietnamese Cybercriminals Employ Delphi-Based Malware to Attack Indian Marketing Professionals*Critical Azure CLI Vulnerability Addressed by Microsoft, Preventing Credential Leakage in Logs*AMD CPU Vulnerability "CacheWarp" Allows Root Access in Linux VMs*Microsoft Patch Tuesday Security Advisory - November 2023*Chinese Hackers Conduct Stealthy Espionage Assaults on 24 Cambodian Entities*Lorenz Extortion Group Leaks Stolen Data from Cogdell Memorial Hospital in Texas*IP Criminality & Advanced Cyber Threat Analysis with Cisco SecureX-XDR*Emergence of a New Ransomware Faction Armed with Hive's Source Code and Infrastructure*Ethereum's 'Create2' Function Abused in $60M Cryptocurrency Theft*DP World Hit by Cyberattack, Paralyzing Thousands of Containers in Ports*"Chess.com" Grapples with Dual Data Breaches as Threat Actors Leak 1,276,000 Scraped User Records*Israel Alerts Organizations to BiBi Malware Wiper Attacks Targeting Linux and Windows*Microsoft Issues Alert Regarding Fraudulent Skills Assessment Portals Targeting IT Job Seekers*Microsoft Resolves Slow Saving Issues in Outlook Desktop with Bug Fix*Tri-City Medical Center in Oceanside is Impacted by Ongoing Cyberattacks*Law Enforcement Dismantles BulletProftLink, a Major Phishing Service Provider*Data Breach at McLaren Health Care Impacts 2.2 Million People*Healthcare Organizations Compromised as Hackers Exploit ScreenConnect Remote Access*Iran-Linked Imperial Kitten Cyber Group Focuses its Attack on Middle East Entities*Mr. Cooper, Major Mortgage Servicer Reports Customer Data Exposure in Security Breach*Microsoft Warns of BlueNoroff Hackers Plans for Fresh Crypto Theft Attacks*Maine Government Alerts 1.3 Million Individuals About MOVEit Data Breach*Clop Ransomware Attacks Exploit Zero-Day Flaw in SysAid, Microsoft Reports*Anonymous Sudan Claims Responsibility for DDoS Attack Leading to Cloudflare Website Outage*Google Ads Distribute Malicious CPU-Z App via Counterfeit Windows News Site*Ransomware Attack Affects 39,000 Individuals at Kyocera AVX*Ransomware Attack Strikes Industrial and Commercial Bank of China*Microsoft Provides Temporary Solution for Windows Server 2022 VMs Facing Issues*Russian Hackers Employ LOTL Technique to Potentially Trigger Power Outages*Data Breach at Perry Johnson & Associates, Inc. Impacts Cook County Health due to Security Incident*CISA Issues Alert as High-Severity SLP Vulnerability Faces Active Exploitation*Microsoft Enhances Windows 11 Security by Eliminating SMB1 Firewall Rules*Iranian Hackers Employing New C2 Framework MuddyC2Go to Target Israel*Datacenter Overheating Disrupts 2.5 Million Bank Transactions*Sberbank Confronts Massive DDoS Attack with 1 Million Requests Per Second*Undetectable Crypto Mining Technique Revealed in Azure Automation by Researchers*Security Alert: Python Packages on PyPI Infected with Blaze Stealer Malware*WhatsApp Unveils Enhanced Privacy Feature: Safeguarding IP Addresses During Calls*Major Outage Knocks ChatGPT Offline, Affecting OpenAI Systems*Hacker Exposes 35 million LinkedIn User Database on Breach Forums*Russian-speaking Threat Actor "Farnetwork" Connected to Five Ransomware Groups*FBI Warns of Ransomware Gangs Targeting Casinos via Third-Party Gaming Vendors*Security Breach Unveiled by Sumo Logic, Recommends API Key Resets*Japan Aviation Electronics Reports Unauthorized Server Access in Recent Cyberattack*Android Security Updates for November 2023 Address 37 Vulnerabilities*BlueNoroff Hackers Utilize ObjCShellz Malware to Create Backdoors on Macs*GootLoader's Advanced Malware Variant Operates Covertly and Expands Swiftly*Cisco Addresses 27 Vulnerabilities with Security Updates for Network Security Products*Fraudulent Ledger Live App on Microsoft Store Scams Users out of $768,000 in Cryptocurrency*Emergence of New Jupyter Infostealer Version with Advanced Stealth Tactics*Marina Bay Sands Discloses Data Breach Impacting Information of 665,000 Customers*China-Based E-commerce Store "Zhefengle" Exposes Millions of Chinese Citizen IDs*Hilb Group Reveals Email Security Breach Impacting Personal Data of 81,000 Individuals*QNAP's Alert on Critical Command Injection Vulnerabilities in QTS OS and Apps*Multi-Platform Attack by SideCopy Threat Actor Utilizes WinRAR Zero-Day and Ares RAT to Target Indian Organizations*Ransomware TellYouThePass Executes Remote Code Execution (RCE) Attack on Apache ActiveMQ*Android Security Bypassed by Cybercrime Service for Malware Installation*Veeam Issues Critical Bug Warnings for Veeam ONE Monitoring Platform*Google Alerts Users to Possible Misuse: Cybercriminals Using Calendar Service as a Covert C2 Channel*Socks5Systemz Proxy Service Compromises 10,000 Systems Globally*DarkGate Malware Exploiting Microsoft Installer Files After Targeting Microsoft Teams*DDoS Attacks Cause Disruptions in Singapore's Public Health Services*Kinsing Actors Leveraging Latest Linux Vulnerability to Compromise Cloud Environments*NodeStealer Malware Exploiting Facebook Business Accounts to Run Malicious Advertisem*nts*Allied Pilots Association of American Airlines Pilots Reveals Ransomware Attack*CanesSpy Spyware Distributed Using Altered WhatsApp Versions*Microsoft Exchange New Zero-Day Vulnerabilities Enable Remote Code Execution and Data Theft Attacks.*Boeing Company Affirms Cyberattack Involving LockBit Ransomware*Cloudflare's Data Center Power Outage Disrupts Dashboard and API Services*Researchers Identify 34 Windows Device Drivers Vulnerable to Complete Device Compromise*Employee Records at OKTA Exposed in Third-Party Vendor Breach of Rightway Healthcare*Atlassian Issues Urgent Warning for Patching After Confluence Data Wiping Vulnerability Exploit*Iran's MuddyWater Launches Spear-Phishing Campaign Targeting Israel*Cyberattack Targets Mortgage Giant Mr. Cooper, Disrupting IT Operations*Ace Hardware Reports Cyberattack Affecting 1,202 Devices*Hackers from North Korea are Targeting Crypto Experts with KANDYKORN MacOS Malware*Critical Vulnerabilities in F5 BIG-IP Products Actively Exploited in the Wild*Mysterious Kill-Switch Deactivates Mozi Malware Botnet Operations*CVSS 4.0: New Vulnerability Severity Rating Standard Unveiled*Middle East Financial and Government Sectors Targeted by Iranian Cyber Espionage Group*Citrix Bleed Vulnerability Exploited by Hackers in Global Government Network Attacks*Over 3,000 Internet-Facing Apache ActiveMQ Servers at Risk of Remote Code Execution Attacks*Avast Antivirus SDK Misidentifies Google App as Malware on Huawei, Vivo, and Honor Smartphones*British Library Faces Weekend Cyberattack, Leading to Internet Access Disruptions*Discovery of Malicious NuGet Packages Distributing SeroXen RAT Malware*Bluetooth Spam Attacks Inspired by Flipper Zero Now Available as Android App*The Elektra Leak Campaign Leveraging Exposed AWS IAM Credentials on GitHub for Cryptocurrency Mining Attacks*Hackers Exploiting MSIX App Packages to Spread GHOSTPULSE Malware on Windows PCs*SEC Files Lawsuit Against SolarWinds for Investor Misrepresentation Preceding 2020 Cybersecurity Breach*New Phishing Campaign Utilizes Disguised Remcos RAT as Fake Payslip*Bibi-Linux Wiper Malware Launches Destructive Attacks on Israeli Organizations*Cyberattack Disrupts Toronto Public Library Services Over the Weekend*India's Biggest Data Breach: 815 million COVID Test Records for Sale, Sample Authenticity Confirmed*Hunters International Ransomware: A Potential Rebranding of Hive*Check Point Records a High Surge in QR Code Quishing Compared to the Previous Year*Researchers Discovered XMPP-Based Instant Messaging was Being Wiretapped*Nevada School District Parents Receive Emailed Student Data Stolen by Hackers*Android Adware Apps on Google Play Accumulate Over Two Million Installs*Latest iLeakage Exploit Extracts Email Addresses and Passwords from Apple Safari*Microsoft Reveals Octo Tempest as a Significant Threat to Financial Security*Critical Vulnerability in NextGen's Mirth Connect Puts Healthcare Data at Risk*StripedFly Malware Framework Infects Over One Million Windows and Linux Systems*Iranian APT Group Tortoiseshell Unleashes Fresh IMAPLoader Malware Assaults*Seiko Discloses Ransomware Breach Compromising Customer Data*Alleged Cybersecurity Incident: Researcher Reports Exposure of 12 Million Patient Records at Redcliffe Labs; Company Denies Data Breach*Potential Data Breach: 1.2 Million Airbnb User Records Reportedly Exposed*Ransomware Attack by Rorschach Gang Disrupts Chile's Telecom Giant GTD*GoPIX Malware Malvertising Campaign Takes Aim at Brazil's PIX Payment System*European Government Email Servers Hacked Using Roundcube Zero-Day Exploit*ASVEL Basketball Team Acknowledges Data Breach After NoEscape Group's Ransomware Attack Assertion*Security Breach Impacts Five Canadian Hospitals Linked to TransForm Health Services Provider*Modified Backdoor on Compromised Cisco Devices Evades Detection*VMware Issues Alert About POC Availability for vRealize RCE Vulnerability*1Password Identifies Suspicious Activity in Wake of Okta Support Breach*BHI Energy Discloses Details of Akira Ransomware Attack on Its Systems*City of Philadelphia Reveals Data Breach After Five Month Delay*Firebird Backdoor by DoNot Team Targets Pakistan and Afghanistan*Quasar RAT Exploits Dual DLL Side-Loading Technique for Covert Operations*Associated Wholesale Grocers Claimed as a Victim by Play Ransomware Group*Researchers Discover ExelaStealer, a Low-Cost Information Stealer Targeting Windows Systems*American Family Insurance Confirms IT Outages Caused Due to Cyberattack*TetrisPhantom Hackers Target Government Systems in Asia-Pacific, Stealing Data from Secure USB Drives*Thousands of Devices Infected with Malicious Lua Backdoor Exploiting Cisco Zero-Day Vulnerability*Significant Remote Code Execution Vulnerabilities Discovered in SolarWinds Access Audit Solution*Okta Support System Breached Through Compromised Credentials*DarkGate Malware Strikes U.K., U.S., and India in Vietnamese Hacking Campaign*A Cyberattack Disrupts the Operations of Healthcare Solutions Giant Henry Schein*Fraudulent KeePass Website Leverages Google Ads and Punycode to Distribute Malware*Iran-Linked OilRig Launches 8-Month Cyber Campaign Targeting Middle East Governments*BlackCat Ransomware Employing Innovative 'Munchkin' Linux VM for Covert Attacks*A Malware Framework Named MATA Exploits EDR to Attack Defense Firms*Casio's Data Breach Affects Customers in 149 Countries*Synology's DiskStation Manager Admin Takeover Vulnerability Exposes NAS Devices*Data Breach at TrueCoin's Third-Party Vendor Exposes TUSD User Information*Lazarus Group Uses Trojanized VNC Apps to Deceptively Target Defense Experts with Fake Interviews*Qubitstrike's Campaign Targets Cloud Environments via Jupyter Notebooks for Crypto Mining*Security Research Reveals IT Administrators' Use of Weak Passwords on Critical Portals*ClearFake Introduces Deceptive Browser Updates for Malware Distribution*North Korean Hackers Exploit Critical TeamCity Vulnerability to Breach Networks*Ampersand, a TV Advertising Sales Giant Hit by Ransomware Attack*Knight Ransomware Group Claims BMW Munique Motors Cyberattack*D-Link Confirms Data Breach as Data Appears on Sale at BreachForums*The SpyNote Android Malware Spreads Through Fake Alerts about Volcanic Eruptions*Nation-State Hackers Leveraging Discord Platform to Target Critical Infrastructure*Open Source CasaOS Cloud Software Reveals Significant Security Vulnerabilities*Vulnerabilities in Weintek HMIs Pose Significant Security Risks*The 'RedAlert' Rocket Alert App for Israel was Found to Install Spyware on Android Devices*Cisco Issues Alert Regarding Actively Exploited Zero-Day Vulnerability in IOS XE*Threat Actors are Exploiting Potential Milesight Industrial Router Vulnerability*Kansas Courts Shutdown IT Systems Following Security Incident*Critical Vulnerability in WordPress Royal Elementor Plugin Exploited by Hackers*Russian Hackers Exploit Latest WinRAR Vulnerability in Fresh Campaign*Researchers Warn Against SpyNote, an Android Trojan that Records Calls and Audio*Vietnam Faces Accusations of Utilizing Predator Spyware for Surveillance of EU and US Legislators*AI Algorithm Developed to Counter Man-in-the-Middle Attacks on Unmanned Military Robots*Steam Platform Enforces SMS Verification to Prevent Malware-Laden Updates*Indian State Government Addresses Bug Exposing Aadhaar Numbers and Fingerprints*Juniper Networks Addresses Over 30 Vulnerabilities in Junos OS with Security Patches*Mysterious Network Incident Triggers Kwik Trip IT Systems Outage*DarkGate Malware Disguised as PDF Files Spreads Through Messaging Services*Latest PEAPOD Cyberattack Initiative Focuses on Female Political Leaders*Shadow PC Issues Data Breach Warning as Hacker Attempts to Sell Gamer Data*FBI Releases AvosLocker Ransomware Technical Analysis and Defense Strategies*ToddyCat Hackers Employ 'Disposable' Malware for Asian Telecoms' Targeted Attacks*ShellBot Employing Hex IPs for Evasion in Linux SSH Server Attacks*NuGet Developers Infected by SeroXen RAT Through Malicious Solana and KuCoin Packages*Philippine Statistics Agency Investigates Suspected Data Breach*Simpson Manufacturing's Cyberattack Results in IT System Suspension*Enterprise Systems Vulnerable to Critical SOCKS5 Vulnerability in cURL*LinkedIn Smart Links Resurge in Phishing Campaigns Against Microsoft Accounts*CISA Alerts to Ongoing Exploitation of Adobe Acrobat Reader Vulnerability*Deceptive Backdoor Targets WordPress Sites by Posing as Genuine Plugin*Chrome 118 Addresses 20 Security Vulnerabilities with Patches*Unprecedented DDoS Assaults Leveraging Zero-Day Flaw in HTTP2 Rapid Reset Technique*Air Europa Data Breach Sparks Urgent Warning to Customers Cancel their Credit Cards*Safexpay Technology's Payment Gateway Breach Unveils Rs 16,180 Crore Scam*Critical Citrix NetScaler Vulnerabilities Exposes Sensitive Data*Massive Ad Fraud Botnet PEACHPIT Harnesses Millions of Compromised Android and iOS Devices*Researchers Detect Grayling APT's Continuous Attacks on Various Sectors*Mirai Variant Targets Linux Routers with 13 New Payloads*Microsoft Patch Tuesday Security Advisory - October 2023*Critical Memory Corruption Vulnerability in libcue Library Threatens Linux GNOME Environments*IoT Security Concerns Raised Due to Flaws in ConnectedIO's 3G 4G Routers*D-Link WiFi Range Extender Susceptible to Command Injection DoS Attacks*Over 17,000 WordPress Sites Targeted by Balada Injector by Exploiting Unpatched tagDiv Plugin*Magecart Card Skimming Campaign Manipulate Online Store 404 Pages for Credit Card Theft*Israeli Energy and Defense Sectors Targeted by Cyber Threat Actor with Gaza Ties*Flagstar Bank Suffers Third Data Breach Since 2021, Impacting 800,000 Customers*Microsoft 365 Administrators Receive Cautionary Notice About Recent Google Anti-Spam Regulations*D.C. Board of Elections Confirms Voter Data Breach in Website Hack*23andMe Genetics Company Reports User Data Breach in Credential Stuffing Attack*Blackbaud Reaches $49.5 Million Settlement Over Ransomware Data Breach*Backdoored Firmware Discovered in Android Devices Used in US Schools*Multiple Critical Vulnerabilities Uncovered in Supermicro BMC IPMI Firmware*3 Million Customer Records Exposed in Major CRM Provider Really Simple Systems Data Breach*Lyca Mobile Probes Customer Data Breach Following Cyberattack*Cyber Espionage Campaign Linked to China Deploys Cobalt Strike Backdoor in Semiconductor Firms*New Android Trojan GoldDigger Targets Financial Apps in Asia Pacific*Cyber Espionage Attack Targets Guyana Governmental Entity with DinodasRAT*BitSight Uncovers 100,000 Vulnerable Industrial Control Systems (ICS) Exposed to Cybersecurity Risks*Data Breach at European Telecommunications Standards Institute (ETSI) Following Cyberattack*Atlassian Releases Critical Patch for Exploited Zero-Day Vulnerability in Confluence*Hackers Exploit Breached SQL Servers to Target Azure Cloud VMs*Cisco Resolves Hard-Coded Root Credentials Vulnerability in Emergency Responder*Sony Confirms Data Breach Affecting Thousands of Employees in the United States*Researchers Uncover Connection Between DragonEgg Android Spyware and LightSpy iOS Surveillanceware Tool*New Supply Chain Attack Unleashes Open-Source Rootkit via Rogue npm Package*Critical Apple Update Addresses Zero-Day Vulnerability Exploited in iPhone Hacks*Cyber Security Vulnerability at National Logistics Portal (Marine) Exposes Sensitive Data*Security Flaws in TorchServe Enable Remote Code Execution in PyTorch Models*Mirai Botnet's Latest Variants hailBot, kiraiBot, catDDoS Found Active in Recent Attacks*MEDUSA Ransomware Group Claims Attack on Two New Victims*Qualcomm Releases Patch for 3 New Zero-Days Under Active Exploitation as Hackers Target GPU and DSP Drivers*'Looney Tunables' Linux Bug Grants Root Privileges on Major Distributions*EvilProxy Exploits indeed.com's Open Redirect for Microsoft 365 Phishing*Lorenz Ransomware Group Launches a Major Cyberattack on Allcare Pharmacy*Ransomware Threat Groups Targeting JetBrains' TeamCity Servers*Arm Alerts about Exploited Mali GPU Flaws, Suspects Targeted Attacks*Motel One Group Reveals Data Breach After Ransomware Attack*Zanubis Android Banking Trojan Impersonates Peruvian Government App to Target Users*Exim Releases Patches for Three of Six Zero-Day Vulnerabilities Disclosed Recently*Zip Slip Vulnerability in OpenRefine Leads to Malicious Code Execution*BunnyLoader, New Malware-as-a-Service (MaaS) Threat Emerges with New Capabilities*Iran's APT Group OilRig Unleashes Menorah Malware for Stealthy Operations*DDoS protections provided by Cloudflare ironically bypassed.*RSA Decryption Vulnerability from 1998 Returns in Marvin Attack*Amazon Accidentally Sends Out Mastercard and Google Play Gift Card Order Emails*WS_FTP Server Hotfixes Released by Progress Software for Multiple Security Flaws*The New ASMCrypt Malware Loader Allows Cybercriminals to Fly Under the Radar*An Exploit has been Released for the Microsoft SharePoint Server Authentication Bypass Flaw*Zero-day RCE Attacks on Millions of Exim Mail Servers*Cisco Alerts About Exploitation Attempts Post Vulnerability Discovery in IOS and IOS XE Software*Critical Flaw in Cisco Catalyst SD-WAN Manager Enables Remote Server Access*Microsoft Breach by Chinese Hackers Results in Theft of 60,000 U.S. State Department Emails*Malware-Infested Ads Infiltrating Bing's AI Chatbot*Progress Software Issues Warning About Critical Vulnerability in WS FTP Server Software*Password-Stealing Commits Disguised as Dependabot Contributions Target GitHub Repositories*Budworm Hackers Launch Custom Malware Attacks on Telcos and Government Organizations*Firefox 118 Addresses High-Severity Vulnerabilities with Security Patches*DarkBeam Exposes Massive Cache of Email and Password Combinations in DataBreach*Researchers Discover Modern GPUs Vulnerable to New GPU.zip Side-Channel Attack*Malicious PyPI and npm Packages Utilised in SSH Key Compromises*US and Japan Warn of BlackTech Hackers Backdooring Cisco Routers*Johnson Controls, a Leading Building Automation Company, Falls Victim to Ransomware Attack*Google Resolves the Fifth Actively Exploited Zero-Day Vulnerability in Chrome for 2023*ZenRAT Malware Targeting Windows Users by using the Fake Password Manager Software*PhilHealth Faces $300K Ransom Demand Following Data Breach*Google Reassigns Top CVE Rating to libwebp Vulnerability Impacting Browsers and Applications*ShadowSyndicate Cybercriminals Linked to Multiple Ransomware Operations Across 85 Servers*Chinese Hackers in Multi-Year Campaign Target South Korean Organizations*American Red Cross Exploited as Phishing Lure by New AtlasCross Hackers*Openfire Flaw Exploited by Hackers to Encrypt Servers*ZeroFont Phishing Manipulates Microsoft Outlook to Display Fake AV Scans*Critical JetBrains TeamCity Flaw Exposes Source Code and Build Pipelines*Hong Kong Consumer Watchdog Hit by Severe Ransomware Attack*Clop Ransomware Attack on BORN Ontario Child Registry Affects 3.4 million Individuals*Mixin Network Halts Operations After Suffering a $200 Million Hack*Critical BIND DNS System Vulnerabilities Enable DoS Attacks*Three Unique Categories of Cyberattacks with Ties to China Targeting Southeast Asian Government Entities*Xenomorph Android Malware Targets U.S. Banks and Cryptocurrency Wallets*Phishing Campaign Lured as Drone Manuals Targets Ukrainian Military*Spyware Operation EvilBamboo Targets Tibetans, Uyghurs, and Taiwanese Through Watering Hole Attacks*Data Breach at National Student Clearinghouse Affects 890 Schools*Sony Corporation Allegedly Breached by RANSOMEDVC Ransomware Group*Nansen, a Cryptocurrency Analytics Company, Urges Password Resets After Vendor Data Breach*OpenSea API Users Requested to Rotate API Token Following a Third-Party Security Breach*Stealthy and Modular Deadglyph Malware Cyberespionage Attack Targets Middle East Government Entities*Gelsemium APT Group Targeting Southeast Asia's Government Entities*Data Breach at Ohio Community College Exposes Nearly 300,000 Individuals*Spyware Attacks Exploit Newly Resolved Apple and Chrome Zero-Day Vulnerabilities*BBTok Banking Trojan's Latest Variant Takes Aim at Moreover 40 Latin American Banks*Bermuda Government Attributes Cyberattack to Russian Hacker Group*Cybercriminals Redirect Hotel Guests to Fake Booking.com Site to Swipe Credit Card Information*Atlassian Addresses High-Severity Vulnerabilities with Security Updates*New LuaDream Malware Used by 'Sandman' Hackers to Infiltrate Telecommunication Providers*Suspected Ukrainian Hacker Linked to 'Free Download Manager' Malware Attack*CISA and FBI Warns About Snatch Ransomware Group's Attacks*Air Canada Confirms Security Breach, Reveals Exposure of Employee Records*Cyber Group 'Gold Melody' is Marketing Compromised Access to Ransomware Attackers*Apple Releases Urgent Updates to Fix Three Zero-Day Exploits*Pizza Hut Australia Faces Data Breach Affecting 200,000 Customers*Researchers Found Fake POC on GitHub Distributing VenomRAT Malware*Hackers Selling Over 2million Pakistanis' Data from Restaurants After a Massive Breach*City of Pittsburg Suffers Cyberattack Results in Outage*Advanced Phishing Attacks Aimed at Chinese Users Using ValleyRAT and Gh0stRAT Malwares*Nagios XI Network Monitoring Software Fixes Critical Security Flaws*Security Flaws in Atos Unify Expose Systems to Backdoor Attacks*Fortinet Releases Critical Security Updates for FortiOS, FortiProxy, and FortiWeb Products*P2PInfect Botnet Updates to Stealthier Variant with Activity Surges by 600 Times*T-Mobile App Glitch Exposes User Account Information to Others*Hackers from China Target North American and APAC Firms with Web Skimmer Campaigns*New Rust-Based Malware Campaign 'Operation Rusty Flag' Targets Azerbaijan Entities*AMBERSQUID Cryptojacking Operation Attacks Leverages AWS Services*Phishing Attack Targets Victims of Celsius Crypto Bankruptcy*Hackers Employ new HTTPSnoop and PipeSnoop Malware to Target Telecom Companies*Next-Gen Android Banking Trojan Hook Builds Upon ERMAC's Legacy*International Criminal Court Systems Compromised in Recent Cyber Attack*GitLab Urges on Users to Apply Critical Pipeline Flaw Security Updates*Trend Micro Fixes a Critical Zero-Day vulnerability in Apex One Endpoint Security Products*Hackers from APT36 Infect Android Devices with Clones of the YouTube App*Unauthenticated RCE vulnerability Affects Thousands of Juniper Devices*Bumblebee Malware Makes a Comeback, Leveraging WebDAV for New Assaults*38TB of Private Data leaks from Microsoft's Unsecured Azure Storage*SprySOCKS, a New Linux Malware, has been Used in Cyber Espionage Attacks*Shell's Australian BG Group Business Affected by MOVEit Breach*Lazarus Group Targets CoinEx Exchange in Ongoing Cryptocurrency Platform Attacks*Cuba Ransomware Gang Targets Mutiple Sectors with Newly Updated Malware*UNC3944, a Financially Motivated Threat Actor, Shifts Efforts Toward Ransomware Attacks*TikTok Flooded with Cryptocurrency Giveaway Scams Impersonating 'Elon Musk'*Auckland Transport Authority Experiences Alleged Ransomware Attack*Ransomware Attack on ORBCOMM Leads to Disruption in Trucking Fleet Management*Retool Attributes Security Breach to Google Authenticator's MFA Cloud Sync Function*NodeStealer Malware Targets Facebook Business Accounts Across Various Browsers*MGM Casino Faces Ransomware Attack with ESXi Server Encryption*Caesars Entertainment Pays Ransomware After Suffering a Data Breach*Microsoft Discovers Flaws in the ncurses Library that Exposes Linux and macOS Systems*Malicious Google Ads Exploit Cisco Webex to Distribute Malware via Tracking Templates*Iranian Cyberattackers Infiltrate Defense Organizations through Password Spray Tactics*Proof-of-Concept Exploit Demonstrates Windows 11 'ThemeBleed' RCE Vulnerability*Vulnerability in N-Able's Take Control Agent Exposes Windows Systems*Rollbar Discloses a Data Breach, Exposing its Clients Access Tokens*Airbus Launches Inquiry After Hacker Exposes Data*Mozilla Addresses Critical Zero-Day Exploit in Firefox and Thunderbird by Patching WebP Vulnerability*Kubernetes Flaws Expose Windows Endpoints to Remote Attacks*Hackers Employ 3AM Ransomware to Salvage Unsuccessful LockBit Assault*Eight Vulnerabilities Exposed in Microsoft Azure HDInsight Analytics Service*The Latest WiKI-Eve Attack is Capable of Stealing Numeric Passwords Through WiFi*Espionage Group 'Redfly' Quietly Exploits Power Supplier's Network for Half a Year*Adobe Exploited the Zero-Day Vulnerability in Acrobat and Reader Software*MetaStealer Malware Takes Aim at Apple macOS in Recent Attacks*GitHub Fixes a Security Vulnerability which Exposed More Than 4,000 Repositories to Repojacking Attack*Advanced Phishing Operation Targets Windows Machines by Utilizing Agent Tesla, OriginBotnet, and RedLine Clipper*Microsoft Patch Tuesday Security Advisory - September 2023*Rhysida Ransomware Group Continues its Attack on US Hospitals with Demanding 1.3 million Dollar Ransom*Newly Emerged Sponsor Backdoor by Charming Kitten Targets Brazil, Israel, and U.A.E. Entities*MGM Resorts Suffers a Cyberattack, Resulting in the Shutdown of IT Systems*HijackLoader Modular Malware Gains Traction in Cybercrime Circles*Google Addresses Another Chrome Zero-Day Vulnerability Exploited in Attacks*Vietnamese Cybercriminals Use Facebook Messenger to Distribute Python Stealer*New Steal-It Campaign Steal NTLMv2 Hashes from Compromised Windows Using PowerShell*Malicious Telegram Clones on Google Play Infect Over 60,000 Users with Spyware*Phishing Campaign in Microsoft Teams Distributes DarkGate Malware*Cybercriminals Exploit Genuine Advanced Installer Tool for Crypto-Mining Attacks*Cybercriminals Steals More Than $690,000 Following Takeover of Vitalik Buterin's Twitter Profile*Dymocks Booksellers Data Breach Impacts 836000 Customers*Ragnar Locker Ransomware Gang Claims Responsibility for Israel's Mayanei Hayeshua Hospital Cyber Attack*Cisco is Warning About Zero-Day Exploit of Cisco ASA and FTD Software in the Wild*Notepad++ Releases Version 8.5.7 to Resolve Four Security Flaws*Apache Superset Flaws Exploit Enables Remote Code Execution Attacks on Servers*Google Looker Studio Exploited in Phishing Attacks to Target Cryptocurrency Enthusiasts*Apple Releases Emergency Updates to Fix Two Actively Exploited Zero-Day Vulnerabilities Targeting iPhones and Mac*Security Experts Warn of Iranian Hackers Using Fortinet and Zoho Flaws in Breach of US Aviation Organisations*IBM Reveals Data Breach Affecting Janssen Healthcare Platform*Cisco BroadWorks Platform Affected by Authentication Bypass Flaw*Mirai Variant Strikes Low-Cost Android TV Boxes, Turning Them into DDoS Weapons*Dunghill Leak Ransomware Group Claims Responsibility for Sabre Data Breach*Security Researchers Uncovered Nine Vulnerabilities in SEL's Power Management Products*September 2023 Android Updates Addresses Multiple Vulnerabilities Including an Actively Exploited Zero-Day*New SideTwist Backdoor and Agent Tesla Variant Unleashed via Phishing Campaigns*IOS Devices Can be Exploited with Flipper Zero's Bluetooth Spam Attack Functionality*Microsoft Signature Key Stolen from Windows Crash Dump Used by Storm-0558 to Target Organizations*W3LL's Phishing Kit Breaches Thousands of Microsoft 365 Accounts, via Bypassing MFA*NXP Semiconductors Alerts its Customers to Data Breach Impacting Personal Information*Critical Remote Code Execution Vulnerabilities Found in ASUS Routers*Coffee Meets Bagel Confirms Recent Outage Caused Due to Cyberattack*Chaes Malware Incorporates Google Chrome DevTools Protocol for Data Theft*Zero-Day Vulnerability in Atlas VPN Exposes Users Actual IP Addresses*MinIO Storage System Vulnerabilities Exploited by Hackers to Compromise Servers*Zaun, a Fence System Company's Data Breach, Exposes Sensitive Data about UK Military Sites*Freecycle Confirms Enormous Data Breach Affecting 7 Million User Accounts*An Attack on a German Financial Agency's Website Began in September 2023 Has Been Disrupted Ever Since*Chinese-Speaking Hackers Unleash Extensive iMessage Smishing Campaign Across the United States*Vietnamese Cybercriminals Employing Malicious Malvertising Campaign to Target Facebook Business Accounts*Security Researchers Discover Breach of Ayush Jharkhand Portal, Exposing Records of 320,000 Patients*Okta Issues Warning About Social Engineering Attacks Targeting Super Administrator Privileges*Plaintext Passwords can be Stolen from Websites using Chrome Extensions*A Data Breach at the University of Sydney has Affected Recent Applicants*Vulnerability in VMware SSH Authentication Bypass Now Has an Exploit in the Wild*Emerging SuperBear Trojan Utilized in Targeted Phishing Attack Against South Korean Activists*Russian-Backed 'Infamous Chisel' Android Malware Targeting the Ukrainian Military*Cybercriminals Focusing on Microsoft SQL Servers for FreeWorld Ransomware Deployment*Threat Actors Hacked Sourcegraph Website Using a Leaked Admin Access Token*Earth Estries' Targets Governments and Tech Companies from Multiple Continents in an Espionage Campaign*LogicMonitor SaaS Platform Users Targeted in Ransomware Attacks*Hackers Breach Forever 21 Systems to Access more than 500,000 Members Information*Lazarus Hackers from North Korea Linked to VMConnect Malicious Packages on PyPI*Anonymous Sudan Shuts Down X Platform in Demand for Elon Musk's Starlink Service*Windows Container Isolation Framework can be Exploited by Hackers to Bypass Endpoint Security*Paramount Suffers a Data Breach After a Security Incident*Google Chrome Security Patch Released to Fix High-Severity Vulnerability*VMware Warning About a Critical SSH Authentication Bypass Flaw in VMware Aria Operations*All in One WP Migration Flaw Exploit Could Result in a Data Breach*DreamBus Malware Infects Servers by Exploiting a Vulnerability in RocketMQ*Chinese Hackers Suspected of Breaching Japanese Cybersecurity Agency in Prolonged Attack*Hackers Utilize Automated Tools to Overwhelm Mobile Devices with OTP SMS Messages*Cisco VPNs Compromised Through Brute Force Attacks in Hacking Campaign*DarkGate Malware Operations Increases as Creator Rents Malware to Affiliates*New Android MMRat Malware Steals Data via the Protobuf Protocol*University of Michigan Has Shut Down its Network Following a Cyberattack*Spain's Police Warn About LockBit Locker Ransomware Phishing Attacks Against Architectural Firms*Mom's Meals Disclosed a Data Breach That Affected More than 1200000 Individuals*KMSDBot Malware Gets an Upgrade with Enhanced Capabilities to Attack IoT Devices*JPCERT Uncovers Innovative 'MalDoc in PDF' Attack Technique*Experts Discovered a Microsoft Entra ID Exploit That Grants Attackers Elevated Privileges*Metropolitan Police Force's Data Exposed After Its Contractor's IT System Gets Breached*Ohio History Connection Suffers a Ransomware Attack Affecting Thousands of People*Leaseweb, World's Top Cloud and Hosting Provider, is Restoring 'Critical' Services Following a Security Incident*Flax Typhoon Hackers Employ Advanced Tactics, Leveraging LOLBins for Stealthy Operations, Microsoft Reports*Major Data Breach at Kroll Exposes Confidential Information of FTX, BlockFi, and Genesis Creditors*The Telegram Bot "Telekopye" is Powering Large-Scale Russian Phishing Scams*NVIDIA Graphics Driver Vulnerability Could Lead to Memory Corruption*Smoke Loader Dropped New Whiffy Recon Spyware Utilises WiFi to Pinpoint Location*Jupiter X Core WordPress Plugin Flaws Enable Hackers to Take Over Websites*Pole emploi, France's National Employment Authority Suffers Data Breach Affecting 10 Million People*Hackers Breach Internet Organization Using Public ManageEngine Exploit*Danish Hosting Firms, CloudNordic and AzeroCloud, Lost all Customer Data After a Ransomware Attack*Scarab Ransomware Spreads Worldwide with the Help of Spacecolon Toolset*Cybercriminals Exploit WinRAR Zero-Day Vulnerability to Hack Trading Accounts*Over 3000 Unpatched Openfire Servers Found Vulnerable to Hackers Exploit*EVLF, a Syrian Threat Actor, Found to be Creator of CypherRAT and CraxsRAT Malware.*Roblox Game Developers Targeted by Dozens of Malicious npm Packages*Hacking Forum Selling Scraped Data of 2.6 Million Duolingo Users*XLoader macOS Malware Takes on New Identity as 'OfficeNote' Productivity Application*University of Minnesota is Investigating Potential Security Breach Incident*Carderbee Hacking Group Utilises PlugX Malware to Target Asian Organisations in Supply Chain Attack*Energy One Launches Investigation into Recent Cyberattack*Cisco VPN Products are Targeted by Akira Ransomware to Breach Organizations*Vulnerabilities in TP-Link Smart Bulbs Could Expose WiFi Passwords to Hackers*HiatusRAT Malware Resurfaces, Attacking Taiwanese Firms and US Military Personnel*CISA Adds Adobe ColdFusion Flaw to Known Exploited Vulnerability Catalog*BlackCat Ransomware Group Targets Japanese Watchmaker Seiko in Cyberattack*New Vulnerability in Ivanti Sentry is Exploited in the Wild*Tesla Reports Over 75,000 Individuals Affected by Large-Scale Data Breach in May 2023*Numerous Android Malware Applications Employing Sneaky APK Compression to Bypass Detection*Cuba Ransomware Exploits Veeam Vulnerability to Target Vital U.S. Entities*Juniper Networks Warning Regarding New Juniper Junos OS Flaws That Expose Devices to Remote Attacks*Ransomware variant BlackCat adopts advanced Impacket and RemCom tools*New Google Chrome Feature Notifies Users Regarding Automatic Removal of Harmful Extensions*Microsoft's DNS Misconfiguration Causes Hotmail Email Delivery Failures*Security Vulnerability in WinRAR Allows Hackers to Execute Programs via Opening RAR Archives*Apple iOS 16 Vulnerability Facilitates Covert Cellular Connectivity While Simulating Airplane Mode*Global Wave of Phishing Attacks Targets Zimbra Email Server Accounts*Bronze Starlight Group is Using Cobalt Strike Beacons to Target Asian Gambling Industry*Zulip Chat App Employed by Russian Hackers for Stealthy Diplomatic Phishing Operations and Covert C&C Operation*LABRAT Campaign Takes Advantage of GitLab Vulnerability for Cryptomining and Proxy Hijacking Operations*CISA Issues Alert on Exploitation of Critical Citrix ShareFile Flaw in the Wild*Stealthy Malware Infections Build 400,000 Proxy Botnets*Critical Vulnerability Exploited to Hack Nearly 2,000 Citrix NetScaler Instances*Google Chrome 116 Release Patches a Total of 26 Vulnerabilities*See AlsoProblemas do Samsung Galaxy S24 e como corrigi-los | RafaS GeeKQR Code Phishing Attack Employed to Target Multiple U.S. Organizations*PowerShell Gallery Weaknesses Expose Users to Supply Chain Attacks*Cybercriminals Exploit Cloudflare R2 for Hosting Phishing Pages*Threat Actors Hijacking LinkedIn Accounts in a Widespread Campaign*Norfolk and Suffolk Police Unintentionally Disclose Personal Data of 1,230 Individuals*Numerous Vulnerabilities Detected in 'ScrutisWeb Software' Pose a Remote Hacking Risk to ATMs*Android Banking Malware Gigabud RAT Targets Institutions of Various Countries*New Remote Access Trojan QwixxRAT Distributed via Telegram and Discord Platform*VMware ESXi Servers are Targeted by the Monti Ransomware with its New Linux Locker*Data Center Vulnerability Exposed by Multiple Issues in CyberPower and Dataprobe Products*The Info-Stealing Malware Exposed over 100K Hacking Forum Accounts*Discord.io Confirmed a Breach of Its User Database After a Hacker Stole Data From 760K Users*New Spam Campaign Distributes Knight Ransomware as Disguised TripAdvisor Complaints*Ernst & Young's (EY) MoveIt Breach Exposes Bank of America Customers Data*Indian Government's Parivahan Website Suffered Data Breach Exposing Source Code and 10K User Sensitive Data*A New Set of CODESYS SDK Flaws Exposes OT Environments to Remote Attacks*In Early 2022, a Critical Vulnerability in Magento Shopping Carts was Discovered and Exploited*Researchers Uncover APT31's Sophisticated Backdoors and Data Exfiltration Methods*SystemBC Malware Evolves to Target Power Company in Southern Africa*Cyber Espionage Group 'MoustachedBouncer' Utilizes Adversary-in-the-Middle (AiTM) Attacks for Diplomatic Espionage*Critical Flaw in Dell Compellent Integration Tools Exposes VMware vCenter Admin Credentials*CISA Links Barracuda ESG Attacks to New Whirlpool Backdoor*New Statc Stealer Malware Targeting the Microsoft Windows to Steal Sensitive Personal and Payment Information*Gafgyt Malware Exploits Half-Decade Old Vulnerability in End-of-Life Zyxel Router*CISA Adds Actively Exploited Microsoft .NET and Visual Studio Vulnerability to KEV Catalog*Cybercriminals Abusing Open-Source Merlin Post-Exploitation Toolkit to Breach Entities*Microsoft Office Update Disrupts Actively Exploited RCE Attack Chain*Missouri Issues Alert Regarding Stolen Health Information Due to IBM MOVEit Data Breach*Massive EvilProxy Phishing Campaign Targets the 120,000 Microsoft 365 Users*New Rhysida Ransomware is Targeting Healthcare Organizations*Code Flaw in Microsoft Visual Studio Lets Extensions to Collect Credentials*Downfall Attack Exploit Targets Intel Processors, Extracting Encryption Keys and Sensitive Data*AMD Zen CPUs Leak Sensitive Data Due to a New Inception Attack*Latest Variant of Yashma Ransomware Targets Several English-Speaking Nations*8 Years of Voter Data Exposed in UK Electoral Commission Data Breach*Microsoft Patch Tuesday Security Advisory - August 2023*QakBot Malware Group Increases Command and Control Network with Additional 15 New Servers*Vulnerable Redis Servers are Targeted by a New SkidMap Linux Malware Variant*Cyber Attack Hits Prospect Medical Holdings' Healthcare Facilities Affecting Five Cities*New Malware Campaign Uses OpenBullet Configurations to Target Rookie Cyber Criminals*ScarCruft Breach 'NPO Mashinostroyeniya,' a Russian and Indian Defence Manufacturing Company*Colorado Department of Higher Education Suffers Data Breach*Researchers Identified Weaknesses in Tesla's Infotainment System that Unlock Paid Features and Exposes Secrets*Threat Actors Using Reptile Rootkit Malware Targeting South Korean Systems*Cybercriminals Target IT Pros with Fake VMware vConnector Packages on PyPI*A New PaperCut Critical Bug Allows for Remote Code Execution Attacks on Unpatched Servers*Malicious NPM Packages Were Found to Exfiltrate Sensitive Data From Developers*Mozilla Firefox 116 Fixes Multiple High-Severity Vulnerabilities*Rilide Malware Incorporates Chrome Extension Manifest V3 Adaptation For Data Theft*Massive Cyber Attack Targets Hundreds of Citrix NetScaler ADC and Gateway Servers*New Microsoft Azure AD CTS Feature Exploited to Move Laterally in Network*Malicious Apps Avoid Google Play Store Scanners by Using Sneaky Versioning Techniques*Google Chrome 115 Updates Include Patch for Critical V8 Vulnerabilities*Slack Messaging Platform Experiences Outage Affecting Its Users*Salesforce's Email Services Critical Zero-Day Exploited Using Facebook Phishing Campaign*New Collide Power Widespread Side-Channel Attack Exploits Vulnerability in All CPUs*Researchers Uncover Authentication Bypass Flaw in Ivanti EPMM Versions*Researchers Discover AWS SSM Agent Abused as a Stealthy Remote Access Trojan*Russian Hackers are Using Microsoft Teams Phishing Attacks to Target Government Organizations*Space Pirates Target Multiple Organizations in Russia and Serbia by Using Deed RAT Malware*Hundreds of European Bank Customers Targeted by SpyNote Android Trojan*China's APT31 Allegedly Targeting Air-Gapped Systems in Eastern Europe*NodeStealer's Latest Variant Targets Facebook Business Accounts and Crypto Wallets*Threat Actors Targeting Italian Organizations with WikiLoader Malware*Patchwork Hackers Targeting Chinese Research Organizations with EyeShell Backdoor*Hackers Exploiting 'BleedingPipe' Vulnerability to Target Minecraft Servers and Players*P2PInfect Malware Botnet Breach Redis Servers Using Replication Feature*Hackers Stealing Signal and WhatsApp User Data via Fake Android Chat App*AVRecon Botnet Providing Illegal Proxy Service Using Compromised Routers*'Maximus' US Government Contractor Data Breach Affects 8 Million People*Cyber Criminals Hack Israel's Largest Oil Refinery Operator 'BAZAN Group'*Critical Security Vulnerability Found in Metabase BI Software*Ivanti Fixes a Zero-Day Flaw in its Endpoint Manager Mobile (EPMM) Software*Hackers Employ SUBMARINE Backdoor in Barracuda Email Security Gateway Hack*Abyss Locker Ransomware Encrypts VMware ESXi Servers*Hackers Exploit Windows Search Feature to Distribute Remote Access Trojans*New Android Malware Steals Crypto Credentials Using uses OCR*STARKMULE Employs U.S. Military-themed Document Lures to Target Koreans*BlueBravo Targets European Diplomatic Entities Using GraphicalProton Backdoor*IDOR Web App Flaws Enables Unauthorized Access*Hawai'i Community College Suffers Data Breach*Fenix Cybercrime Group Targets Taxpayers from Mexico and Chile*Decoy Dog Malware Poses Grave Risk to Enterprise Networks*Hackers Actively Exploiting Vulnerable Apache Tomcat Servers*WordPress Ninja Forms Plugin Flaws Expose Websites to Data Leak*Zimbra Addresses Zero-Day Vulnerability Exploited in XSS Attacks*Over 900k MikroTik Devices Affected by Code Execution Vulnerability*Researcher Discovers New AI Tool Dubbed 'FraudGPT' Used in Sophisticated Cyber Attacks*Ubuntu Linux Vulnerabilities Affect 40 Percent of Ubuntu Users*ALPHV Ransomware Integrates Data Leak API for Enhanced Extortion Approach*NATO's Communities of Interest (COI) Cooperation Portal Suffers Data Breach*Nitrogen Malware Exploits Google Ads to Deliver Ransomware Attacks*JumpCloud Cyberattack Exposes North Korean Nation-state Actors IP Address*Casbaneiro Banking Malware Adopts UAC Bypass Technique for Stealthy Attacks*400,000 Corporate Credentials Stolen by Info-stealing Malware Families*Realst macOS and Infostealer Malware Targeting Cryptocurrency Wallets*VMware Fixes Critical Bug Exposing Cloud Foundry API Admin Credentials in Audit Logs*Indian Railway Catering and Tourism Corporation (IRCTC) Suffers Massive Outage*Zenbleed Attack Exposes Sensitive Data in AMD Zen2 Processors*Norwegian Government's ICT Platform Hacked Via Zero-Day Vulnerability*Ivanti Addresses A Zero-Day Flaw in its MobileIron Platform*OpenSSH Vulnerability Exposes Linux Systems to Remote Command Injection*Atera Windows Installers Vulnerable to High-Risk Privilege Escalation Attacks*Open-Source Software Supply Chain Attacks Target Banking Sector*Microsoft Azure AD Token Forging Technique Goes Beyond Outlook And Wiz Reports*Clop Ransomware Gang Employing Clearweb Sites to Expose Data Stolen in MOVEit Attacks*Coastal Mississippi County Hacked in a Ransomware Attack*Threat Actors Distribute HotRat Malware Via Pirated Softwares*DDoS Botnets are Exploiting Critical Vulnerability in Zyxel Devices*BundleBot Malware Distributed Via Masqueraded Google AI Chatbot and Utilities*Lazarus Group's Campaign Targets Crypto, Gambling and Cyber Sector Developers*Mallox Ransomware Exploits Vulnerable MS-SQL Servers to Breach Networks*New Peer-to-Peer Malware 'P2PInfect' Targets Redis Servers Running Windows and Linux Systems*Critical Vulnerabilities Found in Apache OpenMeetings Web Conferencing Tool*JumpCloud Breach Attributed to North Korean APT Lazarus Group*Critical AMI MegaRAC Flaws Enable Hackers to Crash Vulnerable Servers*Chinese APT41 Using New WyrmSpy and DragonEgg Spyware to Target Mobile Devices*Two Ransomware Groups Target Beauty Giant 'Estée Lauder'*Hackers Target Pakistani Organizations with ShadowPad Malware*Threat Actors Transform Microsoft Exchange Servers as Malicious C2 Servers*Adobe Releases Patches for Actively Exploited ColdFusion Flaws*Citrix Patches Zero-Day Vulnerabilities in its ADC and Gateway Products*FIN8 Utilizes Upgraded Sardonic Malware Variant to Deploy BlackCat Ransomware*VirusTotal Data Breach Exposes Personal Details of Registered Customers*Microsoft Exchange Online Service Suffers New Outage Blocking Emails*SophosEncrypt Ransomware: Impersonating the Popular Sophos Brand*Supply Chain Attack Enabled by Critical Privilege Escalation Design Flaw in Google Cloud Build*Hackers Exploit WebAPK to Trick Android Users into Installing Malicious Apps*Hackers Exploiting WordPress WooCommerce Payments Flaw in Massive Campaign*Threat Actors Exploit Microsoft Word Vulnerabilities to Distribute LokiBot Malware*Threat Actors Utilising Malicious USB Drives to Distribute SOGU and SNOWYDRIVE Malware*Companies Attempt to Bolster their Cyber Defenses as Ransomware Threatens Data Security*Researches Uncover Critical Security Vulnerabilities in Honeywell Experion DCS and QuickBlox Services*Hackers Exploit Lemmy Instances Via Zero-Day Vulnerability*AIOS WordPress Plugin Found Storing User Passwords in Plaintext Format*Hackers Use New Generative AI Cybercrime tool WormGPT to Launch Attacks*Gamaredon Hacking Group Distribute Malware via Instant Messaging Apps*Microsoft Security Flaw Enables Hackers to Breach 24+ Organizations Using Fake Azure AD Tokens*Data Breach at Colorado State University Impacts Students and Staff Personal Data*AVrecon Malware Exploits 70,000 Linux Routers to Establish Massive Botnet*Ukraine and Poland's Military and Government Entities Targeted Using PicassoLoader Malware*Zimbra Urges Administrators to Manually Fix Exploited Zero-Day Attacks*CISA Warns About Rockwell Automation ControlLogix Vulnerabilities Used in Industrial Systems*BlackLotus Windows UEFI Bootkit's Source Code Leaked on GitHub*Researchers Found Fake POC on GitHub Distributing Data Stealing Malware*Unauthenticated REST API Access Compromises Cisco SD-WAN vManage*Fortinet Patches Critical Stack-based Overflow Flaw in FortiOS and FortiProxy Devices*Researchers Publish Proof of Concept for Ghostscript's Critical RCE Vulnerability*Russian State Hackers Use BMW Car Ads to Lure Western Diplomats*New PyLoose Malware Hijacks Computational Power For Cryptocurrency Mining*Microsoft Discloses a Breach of US Government Exchange Email Accounts by Chinese Hackers*SonicWall Alerts Customers to Critical Flaws in its GMS and Analytics Suites*Hackers Abuse Loophole in Windows Policy to Load Malicious Kernel Drivers*Microsoft Office Zero-Day Vulnerability Exploited in Attack Against NATO Summit*Apple Releases Critical iOS Update to Fix Zero-Day Vulnerability in WebKit*Deutsche Bank Confirms Data Breach: Customer Data Exposed through Provider Breach*HCA Healthcare Acknowledges Data Breach as Hacker Steals Data of 11 Million Patients*Microsoft Patch Tuesday Security Advisory - July 2023*Hackers Actively Targeting Latin American Businesses Using TOITOIN Banking Trojan*RomCom Threat Actors Target NATO Summit Attendees in Phishing Campaign*VMware Issues a Warning Regarding the Availability of Critical vRealize RCE Flaw Exploit Code*Apple Issues an Emergency Update Regarding Recent Attacks Using Zero-Day Exploitation*Hackers Exploit Revolut's Payment Systems, Stealing $20 Million*BlackByte 2.0 Ransomware Executes Infiltration, Encryption, and Extortion Within 5 Days*Nickelodeon Launches Investigation Following Leak of "Decades Old" Data*Charming Kitten APT Group Enhances Targeting of macOS Systems with 'NokNok' Malware*Hackers Targets the Cloud-Native Environments of JupyterLab and Docker APIs in Silentbob Campaign*The Latest Version of the 'Big Head' Ransomware Unveils a Bogus Windows Update Alert*A Critical Unauthenticated SQLi Flaw Patched in MOVEit Transfer Software*Mastodon Social Network Fixes Critical Flaws that Allow Server Takeover*Barracuda Addresses Ongoing Email Gateway Login Challenges*CISA Urges Govt Agencies to Patch Actively Exploited Android Driver*Threat Actors Employ Vishing Technique to Deploy New 'Letscall' Malware*CISA Raises Concerns of Netwrix Auditor RCE Bug Exploitation in Truebot Malware Attacks*Two Malicious File Management Apps on Google Play Steals User Data*Cisco Issues a Warning About a Flaw That Enables Attackers to Crack Traffic Encryption*New Linux Kernel Vulnerability 'StackRot' Exploit Enables Privilege Escalation*Microsoft Resolves Windows LSA Protection Warnings Bug*Android Security Patch For July Resolves Three Actively Exploited Vulnerabilities*New Stealer-as-a-Ransomware 'RedEnergy' Targets Energy and Telecom Sectors*TeamsPhisher Tool Exploits Microsoft Teams Bug, Enabling Malware Delivery to Users*Actively Exploited Flaw in SolarView Series Exposes Energy Organizations to Attacks*Japan’s Largest Port 'Port of Nagoya' Operations Disrupted*Mozilla Addresses 13 Vulnerabilities in the Firefox 115 Release*Ransomware Encryption Impacts Over Two-thirds of Manufacturing Companies*DDoSia Attack Tool Upgrades and Expands Targeting Across Multiple Businesses*New GuLoader Campaign Targets Law Firms in the United States*Threat Actor 'Neo_Net' Employs Android Malware to Target Global Financial Institutions*Microsoft Denies Anonymouns Sudan’s Data Breach Claim of 30 Million Customer Accounts*Researchers Warn that 300,000 Fortinet Firewall Appliances are Vulnerable to Attacks.*Sophisticated Threat Meduza Stealer Targeting 19 Password Managers and 76 Crypto Wallets*Hackers Target European Government Entities in SmugX Campaign*BianLian Ransomware Gang Targets Leading Global Business Conglomerate 'Piramal Group'*Hackers Exploiting WordPress's Ultimate Member Plugin Flaw in the Wild*Samsung Phone Vulnerabilities Listed in CISA's 'Must Patch' Catalog Likely Exploited by Spyware Vendor*BlackCat Ransomware Group Exploits WinSCP Search Ads to Distribute Cobalt Strike*Researchers Discovered an Upgraded Version of RustBucket Malware Targeting macOS Users*Charming Kitten, An Iranian Hacking Group Uses Updated POWERSTAR Backdoor in Espionage Attacks*TMSC's Hardware Supplier Kinmax Technology Suffers Ransomware Attack by LockBit Ransomware Gang*Hackers Target Vulnerable SSH Servers To Perform Proxyjacking*North Korean Hacker Group 'Andariel' Strikes with its New EarlyRat Malware*MuddyWater Employs a New C2 Framework Called PhonyC2*The Android Spy App LetMeSpy Suffers a Major Data Breach*New Windows-Based Info Stealer Malware 'ThirdEye' Steals Sensitive Information*Flutter-Based Fluhorse Android Malware Employed to Steal Credit Cards Details and 2FA Codes*Critical Flaws in Social Login Plugin and LearnDash LMS Plugin for WordPress Fixed by Vendors*SQL Injection Vulnerabilities Found in Gentoo Soko Leading To Remote Code Execution*ArcServe Patches a High-Severity Security Vulnerability In Its UDP Backup Software*8Base Ransomware Gang Engages in Double Extortion Attacks*Akira Ransomware's Linux Version Encryptor Targets VMware ESXi Servers*Google Chrome Releases New Update to Patch High-Severity Vulnerabilities*Siemens Energy and Schneider Electric Confirms Data Breach in MOVEit Data-theft Attack*Threat Actors Using New Unique Execution Chain to Target NPM Repository*Outlook Web Suffers Outage Impacting Users Across America*Mockingjay Process Injection Method Allows Malware To Evade Detection*Suncor Energy Suffers Cyber Attack Impacting Petro-Canada Gas Station Customers*Hackers Expose Data of 45,000 New York City Students in MOVEit Breach*Researchers Uncover New Cybercrime Group 'Muddled Libra' Using Social Engineering to Target BPO Sector*Japanese Cryptocurrency Exchange Hit by macOS Backdoor 'JokerSpy*New Malware Campaign Uses Android Banking Trojan 'Anatsa' to Target Banking Customers*Angry LastPass Users Locked Out as MFA Resets Cause Frustration*Super Mario Game Compromised to Distribute Windows Malware*American And Southwest Airlines Suffered a Data Breach Exposing Pilot's Credentials*Grafana Released Patches For Critical Auth Bypass Due to Azure AD Integration*New Strain of JavaScript PindOS Delivers Bumblebee and IcedID Malwares*Data Breach in MOVEit Transfer Impacts Genworth Financial and CalPERS, Exposing Data of 3.2 Million Individuals*Fortinet Resolves Critical Remote Command Execution Flaw in FortiNAC Devices*Newly Discovered Bug in Microsoft Teams Allows Malware Distribution by External Accounts*Phishing Campaign MULTISTORM Exploits India and U.S. with Remote Access Trojans*CISA Updates Known Exploited Vulnerabilities Catalog with Six Additional Security Flaws*New Cryptojacking Campaign Targets IOT and Linux Device using Trojanized OpenSSH Version*Mirai Botnet Exploiting Multiple Vulnerabilities in D-Link, Zyxel, and Netgear Devices*VMware Addresses Critical Vulnerabilities in vCenter Server Allowing Code Execution and Authentication Bypass*Zyxel Fixes a Critical Command Injection Vulnerability in its Network Attached Storage(NAS) Devices*Apple Fixes Three Zero-Day Exploits Used in Triangulation Spyware Attack*North Korean Hacking Group 'APT37' Employing FadeStealer Malware to Conduct Cyber Espionage*Microsoft Releases Workaround for Outlook Freezes and Slow Starts*iOttie Discloses Data Breach Post its Official Site Hack*Condi Malware Targets TP-Link Archer AX21 Wi-Fi Router with DDoS-as-a-Service Exploit*Tsunami Botnet Malware Infects Linux SSH Servers*Microsoft Resolves Critical Azure AD Authentication Flaw Allowing Complete Application Takeover*Info-Stealing Malware Compromises Over 100,000 ChatGPT Accounts*RDStealer Malware: Uncovering a Remote Desktop Exploitation for Data Theft from Shared Drives*Hackers Using Fake OnlyFans Content to Distribute 'DcRAT' Malware*ASUS Patches Critical Vulnerabilities in its Multiple Routers Models*Iowa's Des Moines Public Schools Confirms a Ransomware Attack*Malwarebytes Issued a Fix for the Chrome Display Issue Caused by the Windows 11 KB5027231 Update*Researchers Uncover Advanced Toolkit Specifically Targeting Apple macOS Systems*Massive Data Breach at India's Largest Tech Retailer Exposes Sensitive Employee and Customer Data*BlackCat Ransomware Gang Threatens to Leak Data Stolen During Reddit's System Hack*Microsoft States DDoS Attacks as the Root Cause of the Recent Azure and Outlook Outages*Russian Hackers Employ USB-Spreading Malware to Target Ukrainian Government and Military Officials*Hackers Promote New Mystic Stealer Via Malware as a Service*Researchers Uncover Location Tracking Attack Exploiting SMS Delivery Reports*Emerging Threat Actor Diicot Exploits Diicot Brute, a Go-based SSH Brute-Forcer, to Compromise Linux Systems*Chinese Cyberespionage Group 'UNC4841' Behind Barracuda Zero-day Attacks*Rhysida Ransomware Group Leaks Stolen Documents from Chilean Army*Clop Ransomware Group Initiates Extortion of MOVEit Data-Theft Victims*Abuse of Cloud Mining: Hackers and Threat Actors Exploit Services to Launder Cryptocurrency*GravityRAT Malware Targets WhatsApp Backups on Android Devices*Google Chrome's 114 Update Includes Patch for Critical Vulnerability*Chinese Hackers Exploit DNS-over-HTTPS Protocol for Distribution of Linux Malware*Ofcom, UK Media and Telecoms Regulator, Falls Victim to MOVEit Hack*Critical Security Flaws Uncovered in Microsoft Azure Bastion and Azure Container Registry*Malicious GitHub Repositories Disguised as Fake Security Researchers Distribute Zero-Day Malware*New ChromeLoader Campaign Detected Spreading 'Shampoo' Malware through Counterfeit Warez Websites*Microsoft Addresses Windows Kernel Vulnerability with Default Disabled Fix*Widespread Brand Impersonation Campaign Utilizes 6,000 Websites to Fake 100 Brands*Critical Vulnerability in WordPress Stripe Payment Plugin Exposes Customer Order Details*New DoubleFinger Loader Targets Cryptocurrency Wallets in Cyber Attacks*VMware Releases Patch for Zero-Day Vulnerability Exploited to Install Backdoors in Virtual Machines*Microsoft Patch Tuesday Security Advisory - June 2023*Pirated Windows 10 ISOs Utilize EFI Partitions to Install Clipper Malware*Swiss Government Suffers DDoS Attacks Post Data Leak*'Have I Been Pwned' Discloses Zacks Investment Research's Data Breach*Threat Actors Harness Powerful BatCloak Engine for Fully Undetectable Malware*Researchers Uncover Security Flaws in Honda's 'PETE' e-Commerce Platform*A Major Data Breach Exposed Personal Information of Users Via Govt’s CoWIN Portal*Researchers Uncover a Flaw in Popular Strava App's Heatmap Feature Exposing Home Address*University of Manchester Suffers a Cyberattack, Resulting in a Likely Data Theft*Russian Telecom Company 'Infotel' JSC Suffers an Outage*Critical Vulnerability in Microsoft Visual Studio Exploited to Distribute Malicious Extensions*Fortinet Patches Critical RCE Flaw in Fortigate SSL-VPN Devices*Hackers Impersonate Crypto News Journalists, Steal $3 Million in Digital Assets*New SPECTRALVIPER Backdoor Targets Vietnamese Public Companies with Advanced Tactics*New Stealth Soldier Backdoor Malware Targets North Africa in Espionage Attacks*New Critical SQL Injection Flaws Discovered in MOVEit Transfer*Microsoft Discovers AitM Phishing and BEC Attacks Targeting Major Financial Institutions*Microsoft Azure Portal Suffers an Outage Claimed to be the Result of DDoS Attacks*Asylum Ambuscade Group Combines Cybercrime with Espionage to Target Small and Medium Businesses*Security Researchers Publish PoC for Actively Exploited Windows Win32k Flaw*CLOP Ransomware Gang Actively Exploiting MOVEit Zero-day Flaw*Japanese Pharmaceutical Company 'Eisai' Suffers Ransomware Attack*AIIMS Suffers Another Cyberattack, Following November 2022 Cyberattack*Cisco Patches Critical-Severity Flaws in Expressway Series and TelePresence Video Communication Server (VCS)*Malicious Campaign Deploys Satacom Downloader for Spreading Crypto-Stealing Addons*Cisco Resolves AnyConnect Bug Allowing Windows SYSTEM Privileges*VMware Addresses Critical Vulnerabilities in Aria Operations for Networks*Hackers Exploit Minecraft Mods to Distribute Fractureiser Malware on Windows and Linux*Cyclops Threat Group Facilitates Distribution of Information Stealing Malware to Cybercriminals*Researchers Discovered Over 60,000 Android Apps Installing Adware on Mobile Devices*PowerDrop: New PowerShell Malware Targets the U.S. Aerospace Industry*Outlook Faces Multiple Outages Allegedly Caused by Hacktivist Group Anonymous Sudan*Google Releases Patch for Zero-Day Chrome Vulnerability Exploited in the Wild*Android Security Patch Resolves Critical Vulnerabilities, Including Mali GPU Flaw*Brazilian Cybercriminals Exploit LOLBaS and CMD Scripts to Target Online Bank Accounts*Magecart-Style Campaign Exploits Legitimate Websites to Steal Credit Card Information*Threat Actors Exploit Barracuda ESG Zero-Day Flaw to Distribute Backdoor*$35 Million Worth of Cryptocurrency Stolen in Atomic Wallet Breach*New Malware Campaign Targeting Online Sellers with Info-Stealer*Splunk Addressed High-Severity Vulnerabilities in its Enterprise Products*Chinese Hackers Camaro Dragon Employs New 'TinyNote' Backdoor for Intelligence Gathering*US and South Korea Warn Kimsuky Hackers Impersonating Journalists to Gather Intelligence*Google removed 32 Malicious Extensions from Chrome Web Store Downloaded by 75 Million Times*North Korean Hackers, ScarCruft Uses LNK Files to Launch RokRAT Malware*New MOVEit Transfer Zero-Day Vulnerability is Mass-Exploited in Data Theft Attacks*New Horabot Campaign Targets Latin Americans' Gmail and Outlook Accounts*Researchers warn Organisations about Saleforce 'Ghost Sites' Exposing Sensitive Information*iPhones on Kaspersky Networks are Being Targeted with Unknown Malware*Dark Pink APT Group Continues to Target Asia-Pacific Entities*Hackers Pushing SeroXen RAT To Target Gaming Community*Threat Actor 'Spyboy' Promotes Terminator Tool Capable of Bypassing AV, XDR, and EDR Solutions*Researchers Uncover Proof-of-Concept for RCE Flaw Affecting Popular Python Library ReportLab Toolkit*Researchers Warn About a Backdoor Functionality in Gigabyte Motherboards*Google Releases Chrome 114; Addressing 18 Security Vulnerabilities*Researchers Found DogeRAT Malware Targeting Indian Android Users*RomCom Malware Impersonating ChatGPT, GIMP Spreaded via Google Ads*Researchers Spotted 'SpinOk' Spyware Trojanized in 101 Android Applications*Researchers Found Vulnerability in WordPress's 'Gravity Forms' Plugin Used in 930,000 Websites*'Automattic' Rolls Security Patch to Address Critical Flaw in the Jetpack Plugin*Apple Critical 'Migraine' Flaw Enables Attackers to Bypass System Integrity Protection*MCNA Dental Suffers Ransomware Attack; Impacting 8.9 Million Patients*Hacking Forum Exposed the Data of 478,000 RaidForums Members*New GobRAT Malware Targeting Linux Routers in Japan*Jimbos Protocol Suffered Flash Loan Attack Resulting in Theft of Over $7.5 Million*BlackByte Ransomware Group Claims Responsibility for City of Augusta's Cyberattack*Researcher Uncovers 'File Archiver in the Browser' Phishing Toolkit to Exploit ZIP Domains*Emby Forced to Shutdown Hacked User-hosted Media Servers*Unpatched Zyxel Firewalls Exploited by New Variant of Mirai Botnet*New Bandit Stealer Malware Found Targeting Web Browsers and Cryptocurrency Wallets*Researchers Discovered a Critical OAuth Vulnerability in Expo Framework*QBot Malware Exploits DLL Hijacking Flaw in Windows WordPad EXE to Infect Devices*Buhti Ransomware Gang Exploits Leaked Encryptors to Target Windows and Linux Systems*Researchers Uncover Predator Android Spyware’s New Data Theft Capabilities*Critical Vulnerability in Google Cloud's Cloud SQL Service Exposes Confidential Data*D-Link Fixes Critical Vulnerabilities in its D-View 8.0 Network Device Management Platform*New Russian-linked Malware 'COSMICENERGY' Targets Industrial Systems*Threat Actors Found Using Encrypted RPMSG Messages in Microsoft 365 Phishing Attacks*Barracuda Networks Patches Zero-Day Vulnerability in its Email Security Gateway Appliance*Zyxel Patches Critical Flaws in its Firewall and VPN Products*Researchers Uncover New Version of Legion Malware Targeting SSH Servers and AWS Credentials*Lazarus Group Targets Microsoft IIS Servers to Deploy Malware*Microsoft Exchange Servers Infected with the New PowerExchange Malware*GitLab Issues an Emergency Update to Address a Critical Path Traversal Vulnerability*Hackers Attack 1.5 million WordPress Sites by Leveraging a Cookie Consent Plugin Vulnerability*Researchers Discover North Korean Kimsuky Group Leveraging Sophisticated Reconnaissance Toolkit*Asian Government Entities Targeted by Newly Discovered APT Group, GoldenJackal*Rheinmetall, German Arm Manufacturer, Falls Victim to BlackBasta Ransomware Attack*Newly Discovered AhRat Malware Disguised in Screen Recording App on Google Play Store*Newly Discovered Windows Kernel Driver Used by Iranian Hackers to Target Middle East Entities*'Crypto Phishing Service 'Inferno Drainer' Steals $5.9 Million from Victims*Microsoft 365 Suffers New Outage Causing Connectivity Issues*Threat Actor 'GUI-vil' Exploiting AWS EC2 Instance for Crypto-mining Operations*BlackCat Ransomware Group Employing Malicious Windows Kernel Drivers to Evade Detection*Hackers Could Chain Two Flaws to Achieve Code Execution in Pimcore*New Attack Method 'BrutePrint' Found Brute-Forcing Fingerprints on Android Devices*Threat Actors Use Fake CapCut Websites to Distribute Malware*Threat Actors Hide TurkoRAT Malware in npm Packages*Infamous Cyber Group FIN7 is Back With Cl0p Ransomware*Hackers Employ SIM Swapping to Target Microsoft Azure Machines*Dish Network Likely Paid Ransom Following the Recent Ransomware Attack*Luxottica Discloses a Data Breach; 70M Users Info Leaked*A Faulty Security Update Taken Down ASUS Routers Globally*CISA Issues a Warning on a Samsung ASLR Bypass Flaw*Cryptojacking Group Exploits Oracle WebLogic Server for Cryptocurrency Mining*'Lemon Group' Hacks Millions of Android Devices, Installing Guerilla*New Vulnerability Discovered in KeePass Exposing Cleartext Master Password*Retaliatory Cyberattack: Indian Hackers Target Pakistani Embassy Websites Following DDoS Attack on Indian State Police*Apple Addresses Three New Zero-day Vulnerabilities with Patch Releases*MalasLocker Ransomware Targets Zimbra Servers, Demands Charitable Donations*Houthi-Linked Cyber Threat Group OilAlpha Targets Android Users in the Arabian Peninsula*Unpatched Vulnerability Found in Belkin Wemo Smart Plugs by Researchers*Malicious Visual Studio Extensions Discovered on Microsoft's VSCode Marketplace by Researchers*Cisco Addresses Four Critical RCE Flaws in It's Smart Switches*Chinese Hacking Group "Camaro Dragon" Exploits TP-Link Routers to Target European Organizations*Hackers Exploit Geacon, a Cobalt Strike Port, to Target macOS Users*Multiple Flaws Discovered in Kiddoware's Android Application 'Parental Control - Kids Place'*Hackers Targeting Microsoft Azure Admin Account for Stealthy Access to VMs*K D Hospital, a Multi-Specialty Healthcare Facility, Falls Victim to Ransomware Attack*Researchers Found Vulnerabilities in Sierra Wireless, Teltonika Networks, and InHand Networks' Routers*New APT Group, Lancefly Employs 'Merdoor' Backdoor*PharMerica Suffers a Data Breach; Over 5.8 Million Patients Impacted*New Ransomware-as-a-Service Operation, MichaelKors Targets Linux and VMware ESXi Systems*Threat Actors Target Poorly Managed Microsoft SQL Servers Using CLR SqlShell Malware*New Ransomware Operation, RA Group Targets US and South Korean Companies*Rockwell Automation Fixed Multiple Vulnerabilities Present in its Products*Threat Actors Found Exploiting Recently Fixed WordPress Plugin Vulnerability*U.S. Transportation Department Suffers Data Breach; 237,000 Employees Impacted*Greatness, New Phishing-as-a-Service Platform helps Cybercriminals to Generate Convincing Phishing Pages*Researchers Uncovered a Vulnerability in Ferrari Website, Exposing Sensitive Information*Researchers Found Multiple Vulnerabilities in Netgear's NightHawk Routers*Toyota Disclosed Data Breach Exposing Car Location Data of 2 Million Customers for a Decade*Attackers Exploiting Follina Vulnerability to Distribute XWorm Malware*Discord Disclosed Data Breach After its Support Agent's Account got Compromised*FBI and CISA Warns Bl00dy Ransomware Targets Education Sector via PaperCut RCE Flaw*New APT Group Red Stinger Targeting East Europe's Critical Infrastructures*Researchers Uncover Stealthier Version of Linux BPFDoor Malware*ABB, a Swiss Automation Company Struck by the Black Basta Ransomware*Ransomware Gangs Targeting VMWare ESXi Servers with Leaked Babuk Ransomware Source Code*Researchers Found Critical Privilege Escalation Vulnerability in Elementor Plugins*North Korean Hackers Breach South Korea's Seoul National University; KNPA Issues Warning*Researcher Found New Variant of RapperBot Malware with Cryptojacking Capabilities*Threat Actors Employ DownEx Malware to Target Government Organizations in Central Asia*Threat Actors Deploying Aurora Stealer Via Popunder Ads*Researchers Disclose Info on Zero-Click Windows Vulnerability Enabling NTLM Credential Theft*New DDoS Botnet Malware AndoryuBot Exploits Critical Ruckus RCE Vulnerability*SideWinder APT Group Deploys Server-Based Polymorphism Technique in Attacks on Pakistani Government Organizations*Sysco, a Global Food Chain, Faces Data Breach Impacting Customer and Employee Information*Critical Linux Kernel Netfilter Vulnerability Enables Root Privilege Escalation*Microsoft Releases Optional Fix Guidelines for Secure Boot Zero-Day Vulnerability*Adobe Releases Patch for 14 Vulnerabilities in Substance 3D Painter Software*Microsoft Patch Tuesday Security Advisory - May 2023*Healthcare Solution Provider 'NextGen' Suffers Data Breach Impacting 1 Million Customers*After MSI Breach, Intel Investigates Intel Boot Guard Private Keys Leak*FBI Seizes 13 Domains Linked to DDoS-For-Hire Services*Critical Vulnerability in Siemens Industrial Control Systems Could Disrupt Power Grid*CERT-UA Warns of SmokeLoader and RoarBAT Malware Attacks Against Ukraine*Researchers Found SideCopy Group's Phishing Campaign with Indian Military Themed Lures*Researchers Uncover New Ransomware Operation Dubbed 'Cactus'*New Ransomware 'Akira' Targets Enterprise Networks*Vulnerability in OpenAI's Account Validation Process Allows Unlimited Credits*A Security Incident Exposed Private Tweets of Twitter Circle*Fortinet Releases Patches for High-Severity Vulnerabilities in FortiADC and FortiOS*New PaperCut RCE Exploit Bypasses Existing Detections*Dragon Breath APT Group Targets Gambling Industry Using Double-Clean-App Technique*Hackers Employ New Web-Inject Toolkit DrIBAN to Target Italian Banking Clients*Threat Actors Hack Packagist Repository; Dozen PHP Packages Compromised*New Android FluHorse Malware Targets Users with Malicious Apps*Updates for Android Fixes a Kernel Flaw used in Spyware Attacks*ALPHV Gang Breaches Constellation Software in a Ransomware Attack*Two WordPress Custom Field Plugins Exposes Over 1M Sites to XSS Attacks*Cisco Disclosed New RCE Vulnerability in Cisco SPA112-Port Phone Adapters*Meta Thwarts a Malware Campaign that Used ChatGPT to Steal Accounts*ALPHV Ransomware Added McDermott International to its Victim List*Researchers Found New Android Subscription Malware 'Fleckpe' on Google Play*Three New Vulnerabilities Found in Microsoft Azure API Management Service*City of Dallas Suffers Royal Ransomware Attack Resulting in Shutdown of its IT Systems*Russian Hacking Group 'Sandworm' Utilizes WInRAR to Erase Ukrainian Government's Data*New Info-stealing Malware 'NodeStealer' Steal Cookies to Hijack Facebook Accounts*Dragon Breath Group Employs New Double DLL Sideloading Technique to Evade Detection*A Data Breach at Brightline Affects 783,000 Pediatric Mental Health Patients*Hackers Exploit Authentication Bypass Vulnerability and RCE Vulnerability in DVR Devices*Iranian Government's BouldSpy Android Spyware Found Targeting Minority Groups*Researchers Uncover Three New Flaws in FRRouting Software*Cryptocurrency Exchange Platform Level Finance Hacked, Resulting in Loss of 214k LVL Tokens*CISA Added TP-Link, Apache, and Oracle Vulnerabilities to its Known Exploited Vulnerabilities Catalog*Servers Running Salesforce Software Are Leaking Sensitive Data*Researchers Found Threat Actors Distributing New LOBSHOT Malware via Google Ads*Vietnamese Threat Actor Employs Malverposting Tactics to Infect 500,000 Devices*Hackers Target AT&T Email Accounts to Steal Cryptocurrency*Russian Hackers Target Ukrainian Government with Phishing Emails*Sharpboys Breach Israeli Prime Minister Benjamin Netanyahu's Facebook Account*Americold, A Leading Cold Storage Company Suffered Outage Followed by Network Breach*Hackers Found Targeting Vulnerable Veeam Backup Servers Exposed on the Internet*Zyxel Addresses Critical Vulnerabilities in its Firewall Devices*Hackers Use Realistic Checkout Forms to Steal Credit Cards*CISA Issued a Warning about Critical Vulnerabilities in Illumina's DNA Sequencing Systems*Researchers Found New Variant of ViperSoftX Info-Stealing Malware with Broader Range of Targets*New macOS Info-stealing Malware 'Atomic' is being Sold Via Private Telegram Channel*Multiple Malicious Gaming Apps Found Distributing Adware on Google Play*Russian Hacking Group Found Operating New Politically Motivated Surveillance Campaign Paperbug in Tajikistan*Researchers Found RTM Ransomware Group Using New Linux Encryptor to Target VMware ESXi Servers*Researchers Found Chinese Hacking Group Gallium Using New Linux Malware Strains in Cyberespionage*PrestaShop Releases New Version to Fix a Critical SQL Filtering Vulnerability*Apache Superset Servers are Vulnerable to Authentication Bypass and RCE Attacks*Cisco Discloses New Zero-Day Vulnerability in its Prime Collaboration Deployment (PCD) Software*Evasive Panda Hacking Group Targets Tencent QQ Messaging App with MgBot Malware*Researchers Found New Version of Mirai Botnet Malware Exploiting a Vulnerability in TP-Link WiFi Routers*VMware Released Patches for Critical Vulnerabilities Discovered in its Workstation and Fusion Software Hypervisors*New Critical SLP Vulnerability Allows Massive 2200X DDoS Amplification Attack*Iranian Hackers Targeting Israel with a PowerLess Backdoor Via Phishing Attacks*APC Addresses Critical Vulnerabilities in its Easy UPS Online Monitoring Software*Canadian Directory Publisher Yellow Pages Suffers a Cyberattack Resulting in Data Leak*Researchers Found New Side Channel Attack Affecting Multiple Generations of Intel CPUs*Attackers Hacked KuCoin’s Twitter Account to Promote Crypto Scam*Microsoft 365 Search Outage Impacts Outlook, Teams, and Exchange Online*Hackers can Abuse Improperly Wiped Corporate-grade Routers to Gain Sensitive Data*CISA Adds Three More Security Flaws to its Known Exploited Vulnerabilities Catalog*Researchers Found a New Malware Toolkit Dubbed Decoy Dog via Anomalous DNS Traffic*In Both Europe and the US, EvilExtractor Seen an Uptick in Malware Activity*Alongside 3CX Breach, Lazarus X_TRADER Hack Affects Critical Infrastructure*Google Ads Support Ransomware Gangs to Employ the BumbleBee Malware*MediaWiki and TWiki-based University Websites Compromised to Spread Fortnite Spam*GhostToken Flaw Enable Attackers to Hide Malicious Apps in Google Cloud Platform*American Bar Association Suffers Data Breach, Affecting 1.4 Million Members*Kubernetes RBAC Exploited in a Large-scale Cryptocurrency Mining Campaign*African Telecommunication Service Providers are Targeted by Daggerfly Threat Group*Attackers Abuses Abandoned 'Eval PHP' WordPress Plugin to Compromise Websites*Lazarus Threat Group Found Using Linux Malware in Fake Job Campaigns*Two Critical Vulnerabilities Found In Alibaba Cloud's ApsaraDB RDS and AnlayticDB for PostgreSQL*VMware Addresses Critical Arbitrary Code Vulnerability in its Aria Operations for Logs*Threat Actors Using AuKill Hacking Tool to Disable EDR Software on Targeted Systems*PaperCut Warns of Critical Vulnerabilities that are Actively Exploited in the Wild*Blind Eagle Threat Group's New Multi-Stage Attack Pushes NjRAT Trojan on Compromised Systems*Researchers Found Attackers Deploying Trigona Ransomware on Unsecured Microsoft SQL Servers*Pakistani Hackers Transparent Tribe Target Indian Government Agencies Using Linux Malware Poseidon*Google Addressed Another Zero-Day Vulnerability in Chrome Browser*Vice Society Ransomware Gang Leaks Data Stolen from US Network Infrastructure Giant CommScope*Iranian Hackers Leveraging Legitimate Simplehelp Remote Support Software to Carry Out Persistent Attacks*CISA, FBI Alerts on Russian State-Sponsored APT28 Threat Group Targeting Cisco Routers*Iranian Hacking Group 'Mint Sandstorm' Targets US Critical Infrastructure in Retaliation to Iranian Attacks*CISA Adds macOS and Chrome Bugs to its Known Exploited Vulnerabilities Catalog*A Security Researcher Published New Sandbox Escape PoC Exploit for VM2 Library*Ex-Conti Members Collaborate with FIN7 Hacking Group to Push New Domino Malware*QBot Malware is Now Distributed Using Malicious PDFs and Windows Script Files*New Credential-Stealer Zaraza Bot Targets 38 Different Web Browsers, Including Google Chrome*Hackers Abused Google Command and Control Red Team Tool in Data Theft Attacks*New Android Malware Chameleon Targets Users in Australia and Poland*Researchers Found New LockBit Encryptors Targeting macOS Devices*The Indian Cybercrime Coordination Center Issued an Alert on 'Hacktivist Indonesia' Group Targeting Govt Websites*Researchers Found Hackers Using Action1 RMM in Ransomware Attacks*NCR’s Aloha POS Platform Suffers an Outage as a Result of BlackCat Ransomware*Attackers are Spreading Android Goldoson Malware Via 60 Google Play Apps*Kodi Suffered a Data Breach Exposing 400K User Records*Researchers Found Vice Society Ransomware Using New PowerShell-Based Data Theft Tool in Attacks*CISA Adds Two Actively Exploited Vulnerabilities in Android and Novi Survey to its KEV Catalog*Google Chrome Releases Emergency Update to Fix a Zero-Day Vulnerability*Russian State Sponsored APT29 Group Targeting NATO and European Union Countries*Researchers Uncover 'Read The Manual' Locker Cyber-criminals*Researchers Found New Legion Tool with Credential Harvester and SMTP Hijacking Capabilities*Microsoft Warns of a Phishing Campaign Targeting Tax Preparers and Accounting Firms*Pakistani Hackers 'Transparent Tribe' Targeting Educational Institutions of India*Security Researchers Warn to Patch Critical MSMQ Vulnerability in Windows*Hyundai Suffers Data Breach Exposing Customers’ Personal Data*Kyocera Addressed a Vulnerability in its Android Printing App that can be Abused to Install Malware*Fortinet Patches Critical Vulnerability in its FortiPresence*Microsoft Patch Tuesday Security Advisory - April 2023*A New 'By-Design' Flaw in Microsoft Azure Could Expose Storage Accounts to Hackers*Infected Websites Distributing Monero Malware via Fake Google Chrome Update Errors*Attackers Hacked iPhones via Invisible Calendar Invites to Drop Spyware*Microsoft Patched Actively Exploiting Zero-day Vulnerability in Windows CLFS*SAP Addresses Two Critical-Severity Vulnerabilities in its April 2023 Security Updates*European HR and Payroll Management Company SD Worx Suffers a Cyberattack*NPM Repository Flooded with Malicious Packages Causing DoS Attack and Service Unavailability*Apple Patches Two Zero-day Vulnerabilities on Older iPhones and iPads*Researchers Found New Cryptojacking Campaign Targeting Linux Machines*Scammers Using Authentic YouTube Email Address to Lure Users into Providing Credentials*Iran-based Hackers Carrying Out Destructive Attacks in Disguise as of Ransomware*Researchers Disclose Critical RCE Flaw in vm2 Sandbox Library*CISA Urges Agencies to Address Backup Exec Issues Exploited by a Ransomware Gang*Massive Balada Injector Campaign Targeting WordPress Sites Since 2017*MSI Affirms Security Breach Accusations Post Ransomware Attack*Apple Patches 2-Zero days Exploited to Hack iPhones and Macs*Cisco Released Patches for Multiple Vulnerabilities in its Various Products*Medusa Ransomware Acknowledges Cyberattack on the Open University of Cyprus*Money Message Ransomware Claims MSI Breach; Demands 4 Million USD*Google Patches Several Security Vulnerabilities with Chrome 112*Researchers Found Four Vulnerabilities in the Popular Japanese Word Processor 'Ichitaro'*CISA Warns on Vulnerabilities Discovered in Nexx Smart Devices*New Clipper Malware 'CryptoClippy' Targeting Portuguese Cryptocurrency Users*Researchers Found Threat Group Mantis Using Upgraded Malware to Target Palestinian Entities*Researchers Found New Version of Typhon Information-Stealer with Enhanced Anti-Analysis and Evasion Capabilities*Google Announced Android's April 2023 Security Update Addressing Over 65 Vulnerabilities*Researchers Found New Rilide Malware Targeting Chrome-Based Browsers to Steal Cryptocurrency*ALPHV Ransomware Exploits Three High-Severity Vulnerabilities in Veritas Backup Software*Check Point Researchers Spotted New Rorschach Ransomware Deployed Against a US-Based Company*IRS-Authorized 'eFile.com' Website was Found Serving JavaScript Malware*HP Announces Critical Information Disclosure Flaw in its LaserJet Printers to be Patched within 90 Days*Researchers Found New Information-Stealing Malware 'OpcJacker' Used in Malvertising Campaigns*Hackers Using Malicious WinRAR Self-Extracting Archives to Plant Backdoors on Devices*Hackers Target Victims of 3CX Supply Chain Attack with Gopuram Malware*Researcher Found Multiple Vulnerabilities in Osprey Pump Controller*American Telecommunication Company Lumen Technologies Suffered Two Cyberattacks*Researchers Discovered a New 'Money Message' Ransomware Extorting $1 Million*Fake Threat Group Midnight Extorting Previously Breached U.S. Companies*Researchers Found Cylance Ransomware Targeting Linux and Windows Systems*TMX Finance and its Subsidiaries Suffers Data Breach Affecting 4.8 Million Customers*Hackers Exploited a High Severity Flaw in the Elementor Pro WordPress Plugin to Upload Backdoors*Researchers Found Threat Actors Exploiting 10 Year Old Windows Vulnerability with 'opt-in' Fix in Recent Attacks*A Severe Super FabriXss Vulnerability has been Discovered in Azure Service Fabric Explorer*Researchers Found Malware Botnets Exploiting Realtek and Cacti Vulnerabilities*New AlienFox Toolkit Targets Popular Cloud Services for Credential Harvesting*Chinese Threat Group RedGolf Uses a Custom Backdoor KEYPLUG to Target Windows and Linux Systems*Threat Group Winter Vivern Exploiting a Zimbra Vulnerability to Steal NATO Emails*CISA Added Five Vulnerabilities Exploited to Drop Spyware to its Known Exploited Vulnerabilities Catalog*A Misconfigured Microsoft Bing Application Allows to Breach the Office 365 Users*Hackers Compromised 3CX Desktop App Using Digitally Signed and Trojanized Version of 3CX (VOIP)*Researchers Discovered a New Malware ‘Melofée’ Targeting Linux Server*QNAP Addresses High Severity Linux Sudo Vulnerability in NAS Devices*Hackers Exploited 'burn' Smart Contract Function in SafeMoon's Liquidty Pool to Drain $8.9 Million*Clop Ransomware Breached Crown Resorts' Network by Exploiting GoAnywhere Zero-day Vulnerability*Security Researchers Disclosed WiFi Protocol Vulnerability Allowing Attackers to Hijack Network Traffic*Researchers Found Trojanized Tor Browsers Targeting Russians with Crypto-Stealing Malware*Attackers Targeted European Entities to Distribute Remcos RAT and Formbook Malware*Pakistan-Based SideCopy APT Group Targeting India's DRDO with Action RAT*Researchers Found New Variants of IcedID Loader Delivering Other Malware*A New MacStealer Malware Targeted Mac Users and Stealing iCloud Keychain Credentials*Apple Fixes WebKit Zero-Day Bug on Older iPhones*Twitter Removes Source Code that Leaked on GitHub and Searching for Downloaders*Attackers Targeting U.S. Taxpayers in New Emotet Phishing Campaign*Critical Flaw in AI Testing Framework MLflow May Expose AI and Machine-Learning Models*OpenAI Reveals About ChatGPT User Data Exposure Incident*Microsoft Warn of Outlook Vulnerability Exploited by Russian Attackers*Procter & Gamble Discloses Data Breach via GoAnywhere Zero-day*Chinese Nuclear Energy Institutions Targeted by 'Bitter' Espionage Hackers*Lionsgate's Streaming Network Reveals Over 37 Million Subscribers' Data*Malicious Python Package Employ Unicode Technique to Evade Detection*Researchers Disclose Chinese Nation State Hackers' New Attack Strategies*Threat Actors Targeting 450 Financial Apps Using Android Banking Trojan*Code Hosting Platform 'GitHub' Swiftly Replaces Exposed RSA SSH Key*Play Ransomware Gang Publishes Data Stolen From Maritime Firm Royal Dirkzwager*WordPress Fixed a Critical Vulnerability in WooCommerce Payments Plugin*BlackGuard Stealer Targeting 57 Cryptocurrency Browser Extensions and Wallets*Cisco Addressed High Severity Vulnerabilities in its IOS and IOS XE Software*Microsoft Fixes Windows 11 Snipping Tool's Acropalypse Privacy Flaw*Researchers Warn About Kimsuky Threat Group Stealing Gmail Content*Researchers Published Proof-of-Concept (PoC) for Netgear Orbi Mesh Wireless System Vulnerabilities*A Trojanized ChatGPT Chrome Extension Found Stealing Facebook Accounts*CISA Warned on Critical Vulnerabilities in Industrial Control Systems Products*Play Ransomware Gang Released Data Allegedly Stolen From Logistics Services Company Royal Dirkzwager*Mozilla Fixes Firefox Crash Issue in Windows 11 and macOS Systems*Hackers Employing New CommonMagic and PowerMagic Malware To Steal Victims' Information*Threat Actors Targeting Linux Servers with Different Variants of ShellBot Malware*Fraudsters Extort 1 Crore INR from 81 Users Via a Mobile Payment App*Threat Actors Exploited a Zero-day Vulnerability in General Byte Bitcoin ATMs*Ferrari, Italian Luxury Sports Car Manufacturer Discloses a Data Breach*Realtek SDK, Huawei Routers, and Hadoop YARN Servers are Targeted by New HinataBot Botnet*FBI, CISA and MS-ISAC Releases Advisory to Warns About LockBit 3.0 Ransomware Attacks*New Trigona Ransomware Targets Australia, United States and European Countries*Threat Actors Now Distributing Emotet Malware via Malicious Microsoft OneNote Files*NBA Suffers Data Breach that Exposes its Fans' Personal Information*Scammers Abuse Twitter’s 'Quote Tweet' Feature to Target Bank Customers*Attackers Distributing Android Malware 'FakeCalls' in South Korea*A Cyberattack at Latitude Financial Services Leads to Data Theft at Two Service Providers*Google Warned About 18 Zero-Day Flaws in Samsung's Exynos Chipsets*Attackers Abuse Adobe Acrobat Sign to Deliver Redline Info-Stealing Malware*Mozilla Announced the Release of Firefox 111 with Dozen of Vulnerability Patches*Attackers Hacked U.S Federal Agencies Using Old Telerik UI Vulnerability*Researchers Discovered First Dero Cryptojacking Campaign Targeting Kubernetes*Healthcare Provider ILS Suffered a Data Breach Exposing 4.2 Million Patient Data*Researchers Disclosed the Technical Details of Critical Microsoft Outlook Vulnerability*Tick APT Group Compromised a Data-Loss Prevention Company in East Asia*CISA Added a Critical Adobe ColdFusion Vulnerability to its Known Exploited Vulnerability Catalog*New Threat Group YoroTrooper Running Cyber-Espionage Campaign Against CIS Government Organizations*Rubrik Suffers Data Breach in GoAnywhere Zero-Day Attack*SAP Addressed Five Critical Vulnerabilities in its Security Updates*Microsoft Patch Tuesday Security Advisory - March 2023*Euler Finance Lost $197 Million in Crypto in Flash Loan Attack*Dark Pink APT Group Using KamiKakaBot Malware Against Southeast Asian Government and Military Entities*A Massive Cyberattack Hijacks East Asian Websites to Redirect Victims to Adult Content*Threat Actors Using AI-generated YouTube Videos to Spread Info-stealer Malware*Researchers Discovered Critical Security Vulnerabilities in Akuvox E11 Video Doorphone*Unidentified Attackers Target Government Networks by Abusing New FortiOS Bug in Zero-Day Attacks*Researchers Disclosed a Cross-Site Search Vulnerability in OpenSea NFT Marketplace*Researchers Found a New CASPER Attack that Leaks Data from Air-gapped Computers*German Vehicle Manufacturer BMW Exposes Clients Data and Business Secrets*U.S. Office Supply Distributor Essendant Suffers Multi-Day Outage*Updated Version of Prometei Malware Found Infecting 10000 Systems Worldwide*Clop Ransomware Gang Starts Extorting GoAnywhere Zero-Day Exploit Victims*Researchers Found BATLOADER Malware Abusing Google Ads to Deliver Secondary Payload*New Threat Actor UNC2970 Targeting Security Researchers Using New Custom Malwares Families*Researcher Found New GoBruteforcer Malware Targeting Servers with phpMyAdmin, MySQL, FTP, Postgres Services*CISA Adds Two Vulnerabilities to its Known Exploited Vulnerabilities Catalog*Cerebral Healthcare Platform Suffered a Data Breach Affecting 3.18 Million Patients*Researchers Found the New Variant of Xenomorph Android Malware Targeting Over 500 Banks*Threat Actors Exploiting Remote Desktop Software Vulnerabilities to Spread PlugX Malware*New Variant of IceFire Ransomware is Now Actively Targets Linux Systems*Attackers Targeted Oracle WebLogic Servers with New ScrubCrypt Crypter*A Chinese Hacking Campaign Targets Unpatched SonicWall SMA Appliances to Install Custom Malware*AT&T Vendor Hack Results in the Disclosure of 9 Million Customer Records*Researchers Reported About Bitwarden's Autofill Feature Flaw that can be Abused to Steal Credentials*New Sharp Panda Campaign Targets Southeast Asian Government Entities with Soul Malware*Veeam Addressed a High Severity Backup Services Vulnerability Affecting its Backup Infrastructure*Fortinet Fixed a Critical RCE Vulnerability Affecting FortiOS and FortiProxy*SYS01stealer: A New Attack Targeting Critical Infrastructure Enterprises Using Facebook Ads*Transparent Tribe Hackers Employ Trojanized Messaging Apps to Distribute CapraRAT*Microsoft Releases a Fix for Outlook Login Issues in Exchange Environments*Acer Discloses Breach Following the Sale of 160GB of Data on a Hacking Site*The March 2023 Android Update Addresses Two Critical Code Execution Flaws*New HiatusRAT Malware Found Targeting DrayTek Vigor Routers for Data Theft*Researcher Found Blackfly APT Group Targeting Asian Entities*Experts Revealed About a Blind Spot in Google Cloud Platform that Leads to Data Exfiltration Attacks*Researcher Published Proof-of-Concept for Microsoft Word's Critical RCE Vulnerability*The Sandbox Blockchain Games’ Employee Account Hacked to Send Malware-Linked Emails*Threat Actors Using Malicious Microsoft OneNote Attachments to Infect Windows Systems*Researchers Found New FiXS ATM Malware Targeting Banks of Mexico*Tennessee State University and Southeastern Louisiana Universities Suffers Cyberattack*CISA and FBI Warn of Increased Royal Ransomware Attacks*Researchers Found Thousands of Websites Compromised Using Stolen FTP Credentials*Threat Actors Launch New Cryptojacking Campaign, Targeting Misconfigured Redis Database Servers*Microsoft Fixed MMIO Information Disclosure Vulnerabilities in Intel CPUs*Experts Uncover a Full-Featured Information Stealer and Trojan in a Python Package on PyPI*Scammers Target Trezor Customers with Fake Data Breach Notifications*Aruba Networks Patched Six Critical-Severity Vulnerabilities Impacting ArubaOS Versions*Iron Tiger Attackers Create New Linux Version of their Custom SysUpdate Malware*Cisco Addresses Critical RCE Vulnerability in Web UI of Multiple IP Phones*BlackLotus is the First UEFI Bootkit Malware to Bypass Secure Boot Defenses on Windows 11*Microsoft Addressed a Global Outage Impacting its Exchange Online Mailboxes*Blind Eagle Hackers Targeting Colombian Entities via Spear-Phishing*Attackers Using Advanced Hacking Operation SCARLETEEL to Infiltrate Cloud Services*Researchers Identified Pair of Security Defects in Trusted Platform Module (TPM) 2.0*American TV Giant Dish Network Confirms Ransomware Attack Behind Multi-Day Network Outage*CISA Alerts on Active Exploitation of ZK Java Framework RCE Flaw*Attackers Promoting New Exfiltrator-22 Post-Exploitation Framework to Spread Ransomware*LastPass Releases Additional Information on December 2022 Password Vault Data Breach*Researchers Found Mysterious Nevada Group Targeting Thousands of Cloud Servers*Attackers Use LinkedIn URL Shortener to Send Amazon Prime Phishing Emails*Two Critical Flaws in WordPress Houzez Theme and Plugin are Being Actively Exploited in the Wild*U.S. Marshal Service Suffered a Data Breach Followed by Ransomware Attack*Ohio’s Largest Oil Producer Encino Energy Targeted by Cyberattack*ChromeLoader Campaign Now Distributing Malicious VHD Files Disguised as Game Programs*Cyberattacks Target Data Center Organizations to Steal Information*News Corp's Data Breach Statement Reveals Hackers were on it's Network for 2 Years*Attackers Flood NPM Repository with 15000 Malicious Packages Containing Phishing Links*American TV Giant Dish Network Suffers an Outage*Stanford University Suffers Data Breach Affecting 897 PhD Applicants*Researchers found Unknown Threat Actors Targeting Government Entities with PureCrypter Malware*Pirated Final Cut Pro Software Targets macOS for Cryptocurrency Mining*Researchers Discover a Cyber Group Employing Lilith RAT and Atharvan Malware to Target the Material Research Industry*Dole, a Fruit and Vegetable Company, Hit by a Ransomware Attack*Analysts Warn of Increasing Attacks Leveraging Zoho ManageEngine Products*Canada’s Second Largest Telecom TELUS Investigating a Possible Data Breach*Cisco Addresses High-Severity Vulnerabilities in its Application Centric Infrastructure Components*Attackers Exploited R1Soft Server Backup Manager Vulnerability to Deploy Backdoor*New S1deload Info-Stealer Malware Targets YouTube and Facebook Accounts*Shipping and Medical Laboratories are Targeted by New Threat Actor Hydrochasma*Hackers Using Fake ChatGPT Apps to Distribute Windows and Android Malware*VMware Fixed a Critical Injection Flaw in Carbon Black App Control*CISA Adds Three New Security Flaws to its Known Exploited Vulnerabilities Catalog*Security Researchers Release the Proof-of-Concept Exploit for Critical Fortinet's FortiNAC RCE Flaw*Researchers Found MyloBot Botnet Infecting Thousands of Systems Everyday*Video Game Publisher Activision Suffered a Data Breach*Pakistani Threat Actor SideCopy Targeting Indian Government Agencies Using ReverseRAT Backdoor*Apple Updated its Security Advisories to Add New Class of Vulnerabilities*Researchers Found a New Stealc Malware with Wide Range of Capabilities*HardBit 2.0 Ransomware Operators Use Victim’s Insurance Details to Set Up Ransom Payment*Samsung Adds New Security Feature to Protect Against Zero-Click Attack*Indian Ticketing Platform RailYatri Suffered a Data Breach Affecting 31 Million Customers*Attacker Targeted Coinbase Employees in Smishing Attack*Attackers Using New Version of OxtaRAT Backdoor to Target Armenian Entities*Researchers Found a New WhiskerSpy Backdoor Delivered via Trojanized codec Installer*Threat Actors Exploiting Microsoft Exchange ProxyShell Vulnerabilities to Deploy Cryptocurrency Miners*Experts Found Attackers Targeting South Korean Journalists with RambleOn Malware*Researchers Found New Mirai Botnet Variant Targeting Linux and IoT Devices*GoDaddy Reports a Multi-Year Security Breach it Suffered*Threat Actors Targeted Microsoft IIS Servers with New Frebniis Malware*Fortinet Patches Two Critical Security Flaws in FortiNAC and FortiWeb Product*CISA Alerts on Windows and iOS Vulnerabilities Exploited as Zero-Days*Louisiana HBCU's Xavier University Reported a Data Breach that Occurred in November 2022*Researchers Found an Authenticated RCE Vulnerability in Arris Router*Scandinavian Airlines Suffered Cyberattack Exposing Customer Data*Burton Snowboards Cancelled Online Orders Following Cyber Attack*RedEyes APT Group Using New Malware 'M2RAT' to Steal Victims' Data*Splunk Patches High Severity Vulnerabilities in its Enterprise Solution Update*New Stealthy Malware 'Beep' is Very Focused in Avoiding Detection*Tonga Communications Corporation Suffers Ransomware Attack*Hyundai and Kia Car Thefts Rise due to TikTok Challenge*Hackers Using New MortalKombat Ransomware and Laplas Crypto-Hijacker Targeting U.S Victims*Community Health Systems Suffers Data Breach Affecting One Million Patients*Microsoft Exchange Server 2013 Reaches End of Support Lifecycle in April 2023*Al-Toufan Hacking Group Targets Websites of Bahrain Airport and News Sites*Microsoft Patch Tuesday Security Advisory - February 2023*United States’ Largest Bottler Pepsi Bottling Ventures Suffers Data Breach*Garrison Women's Health Suffered Data Breach Affecting 4,000 Patients*Apple Addressed New Actively Exploited WebKit Zero-Day Vulnerability*Cloudflare Detects and Mitigates Largest Recorded DDoS Attack*Modified Version of ESXiArgs Ransomware Blocks VMware Host Recovery*New Ransomware Group DarkBit Targets Israel's Top Research University Technion*Threat Actors Hacked Namecheap’s Email Account to Send Phishing Emails*CISA Warns About North Korean Hackers Targeting Healthcare Organizations in Ransomware Attacks*CISA Adds Three More Security Flaws to its Known Exploited Vulnerabilities Catalog*Multiple Medical Groups in California Suffered a Ransomware Attack*Researchers Found Malicious Packages on PyPI and NPM Repositories*Play Ransomware Claims Attack on A10 Networks*Clop Ransomware Gang Claims Exploiting GoAnywhere Zero-Day Flaw*Microsoft Announces Retirement of Microsoft Support Diagnostic Tool (MSDT) and Troubleshooters*Researchers Found Multiple Vulnerabilities in Wireless Industrial Internet of Things (IIoT) Devices*NewsPenguin Threat Actor Targets Pakistani Entities in Phishing Campaign*Russian Hackers Use Fake Crypto Job Offers to Push Enigma Malware*Reddit Hit by Cyberattack that Allowed Hackers to Steal Source Code*The Largest Canadian Bookstore Indigo Suffered a Cyberattack*Researchers Found Russian Hackers Using New Graphiron Malware to Target Ukraine*Ross Memorial Hospital in Lindsay Hit by a Cyberattack*Munster Technological University (MTU) in Ireland Suffers a Major IT Breach*Multiple Document Management Systems Found with Unpatched Security Vulnerabilities*Google Released Chrome 110 that Addresses 15 Vulnerabilities*Pharmaceutical Distributor AmerisourceBergen Hit by a Cyberattack*Researchers Found New Medusa Botnet Targeting Linux Users*GuLoader Malware Targets E-commerce Industry Using Malicious NSIS Executables*Developers Release an Emergency Patch for GoAnywhere MFTaaS's Actively Exploited Zero-Day Flaw*Researcher Disclosed a Flaw Detected in Toyota's Global Supplier Management System (GSPIMS)*Google Chrome to End Support for Windows 7,8,8.1, Windows Server 2012, and 2012 R2 Starting February 2023*OpenSSL Releases a Patch to Fix High-Severity Vulnerabilities*U.S. Cellular's Third-Party Vendor Suffers Data Breach Affecting its 52000 Customers*Researchers Disclosed About High-Severity Format String Vulnerability Present in F5 BIG-IP*India’s Largest Truck Brokerage Company FR8 Exposes 140GB of Information in a Data Leak*TgToxic Malware is Targeting Android Users from Southeast Asia*Hackers Mimicking Ukrainian Ministry Officials to Deploy Malware*TruthFinder and Instant Checkmate Discloses a Data Breach Affecting 20 Million Consumers*A New Wave of Ransomware Attacks Targeting ESXi Systems Using a VMware Flaw*Major Internet and Power Outages Struck Bermuda*A New Android Banking Trojan is Aimed at Brazilian Financial Institutions*A GoAnywhere MFT Zero-day Flaw Enables Server Intrusion*Florida Hospital Shuts Down its IT Systems Post a Cyberattack*Threat Actors Targeting Vulnerabilities in SugarCRM and Oracle E-Business Suite*Jira Software from Atlassian has a Critical Authentication Vulnerability*Hackers from Iran's Oil Rig Using a New Backdoor to Steal Data from Government Agencies*Hackers Use KoiVM Virtualization Technology to Evade Detection when Installing the Formbook Data Stealer*North Korean Lazarus Hacking Group Stole 100GB of Data Via Campaign Named "No Pineapple!"*Financial Software Provider, ION Group, has been Hit by a Ransomware Attack Affected Global Markets*Cisco Addressed High-Severity Vulnerability in its IOx Application*Car Retailer Arnold Clark Suffers a Data Breach Claimed by Play Ransomware*Hackers Stolen the Details of 240,000 Skating Customers from Planet Ice*Fraudulent Crypto Apps Infiltrate Apple App Store and Google Play Store*BlackCat Ransomware Gang Claims an Attack on Solar Industries, an Industrial Explosives Manufacturer*Hackers Used Google Fi Data Breach to Carry Out SIM Swap Attacks*A Phishing Attack Against Latvia’s Ministry of Defense Linked to Russian Hacking Group*Guildford County School Suffers a Cyberattack Resulting in Outage*US Telecommunications Company Charter Communication Impacted by Third-Party Data Breach*Indianapolis Housing Agency Suffers Ransomware Attack Affecting 212,910 Peoples*Hackers Advertising New Golang-Based Malware via Telegram Channel*Attackers Stole Encrypted Code-Signing Certificates of GitHub Desktop for Mac and Atom Apps*Developers Disagree with a New Vulnerability Reported in KeePass Software*QNAP Fixes a Critical Vulnerability in its NAS Devices*UK Retail Company JD Sports Suffered a Data Breach Affecting 10 Million Customers*A Critical Vulnerability in Lexmark Printers Affects Over 120 Models*Researchers Found Gootkit Malware with New Components and Obfuscation Techniques*ISC Patched Multiple High-Severity DoS Vulnerabilities in DNS Software Suite BIND*Researchers Warn About Multiple Vulnerabilities in Healthcare Software OpenEMR*Researchers Found Attackers Using Portable USB Storage Devices to Spread New Variant of PlugX Malware*Several Malicious Apps have been Found on Google Play Store with Over 5 Million Downloads*Hackers Using New SwiftSlicer Data Wiper to Infect Windows OS*A Major Microsoft 365 Outage was Caused by a Change in WAN Router IP Address*A Hacker Group Called Sandworm Attacked a Ukrainian News Agency with Five Data Wipers*Researcher Found 75,000 WordPress Sites Still Using Vulnerable LearnPress Plugin Version*Data Breach Against Two Health Service Organizations Affected 400,000 Individuals*BayCare Clinic Suffers Data Breach Due to Tracking Pixel Used by Third Party Vendor*German Airport's Websites, Administration Bodies, and Financial Sector Organizations Suffers DDoS Attack*New Mimic Ransomware Uses 'Everything' Windows Search Tool to Encrypt Files*The CISA of Federal Organizations Breached Using Legit Remote Desktop Software*Phishing Campaigns Employ New Python RAT Malware to Target Windows*Threat Actors Leveraging Critical Realtek SDK Flaw in Millions of Attacks*North Korean Hackers Actively Harvesting Credentials in the Latest Cyberattacks*Zacks Investment Research Security Breach Affects 820,000 Customers*Researchers Found Threat Actors Abusing Google Ads to Spread Malware*DragonSpark Attackers Group Use Golang Malware to Evade Detection*Several Microsoft Services Including Teams, Outlook, Store Stop Responding: Microsoft Probes Outage*Arm Mali GPU Vulnerability Leads to Arbitrary Kernel Code Execution and Root on Pixel 6 Phones*A Vulnerability in Diksha App Exposed Personal Information of Millions of Indian Teachers and Students*Zendesk Suffered Data Breach After its Employee Fell into Phishing Attack*Security Researchers Disclosed Two Security Flaws in Samsung's Galaxy Store App for Android*Apple Backported Security Patches for Zero-Day Vulnerability in Older iPhone and iPad Models*Nunavut Energy Supplier Qulliq Energy Corporation Suffered a Cyberattack*Roaming Mantis Adds New DNS Changer to its Android Malware to Hack WiFi Routers*Costa Rica's Ministry of Public Works and Transport (MOPT) Hit by Ransomware Attack*Riot Games’ Development Environment Compromised Via Social Engineering Attacks*Drupal Patches Vulnerabilities that Lead to Information Disclosure*Chinese Hackers Leverages a Fortinet Flaw as a Zero-day Exploit to Drop Malware*Hackers Actively Using OneNote Attachments to Spread Malware*Researchers Dismantle Massive Ad-fraud Operation Dubbed 'Vastflux'*Over 19,000 End-of-life Cisco Routers Vulnerable to RCE Attacks*The Windows 10 KB5019275 Preview Update Comprises 14 Fixes*Vulnerabilities of Critical Significance OpenText Enterprise Content Management System Patched*Gamaredon Company Utilizes Telegram to Launch Cyberattacks Against Ukraine*Hackers May Abuse GitHub Codespaces Functionality to Host and Disseminate Malware*Researchers Discovered a New Banking Trojan Hook with RAT Capabilities*Researchers Discovered a Critical RCE Flaw Dubbed EmojiDeploy in Microsoft Azure Services*T-Mobile Disclosed Data Breach Affecting 37 Million Customers' Personal Information*Attackers Hacked 34,942 PayPal Users Accounts in Credential Stuffing Attack*Cisco Announced Patches for a High-Severity SQL Injection Vulnerability in Unified CM and CM SME*Oracle Addresses 327 Security Vulnerabilities in its January 2023 Critical Patch Update*HR Management Platform Myrocket.co Exposed Personal Information of Millions of Job Candidates*CERT Coordination Center Disclosed Critical Security Flaws in Netcomm and TP-Link Routers*Researcher Found NjRAT Trojan Being Distributed Via New Earth Bogle Campaign*MailChimp Suffers a Breach After Attackers Gained Employee Credentials*CISA Alerts on Vulnerabilities in Siemens, GE Digital, and Contec ICS Products*Researchers Warn of Critical RCE Vulnerability in Zoho ManageEngine Products*Nissan North America Suffers Data Breach Due to Poorly Configured Third-Party Vendor Database*Microsoft Azure Services were Vulnerable to Unauthorized Access to Cloud Resources*Git Patched Two Critical Severity Security Flaws that Allow Hackers to Execute Arbitrary Code*Threat Actor ‘Lolip0p’ Uploaded Three Malicious Packages on PyPi Platform*ODIN Intelligence's Website Defaced and Breached*DNV's ShipManager Software Suffers a Ransomware Attack Affecting Thousands of Shipping*Vice Society Ransomware Gang Leaked Sensitive Data from University of Duisburg-Essen*Hackers Leaked Sensitive Files From San Francisco Transit Police Online*Researcher Found Android TV Box with Pre-installed Malware*Cryptocurrency Wallet Provider MetaMask Warns Users of a New Address Poisoning Scam*Majority of Cacti Servers Found Unpatched against Critical Vulnerability Resulting in Attacks*The Website of Canada's Largest Alcohol Retailer Hacked to Steal Credit Card Information*Researchers Found CircleCI Security Incident was Caused by Info-Stealing Malware*Hackers Breached NortonLifeLocks's Password Manager Accounts*Polyglot Files are Used by Cybercriminals to Distribute Malware Undetected*WordPress Plugins Found Vulnerable to Critical SQL Injection Flaws along with PoCs*Researchers Found EyeSpy Malware Being Spread Via Trojanized VPN Installers*Attackers Exploiting a Patched FortiOS SSL-VPN Zero-day Vulnerability Against Government Networks*IcedID Malware Attack Compromised Active Directory Domain*Researchers Found Hackers Actively Exploiting a Critical Flaw in Control Web Panel*Cisco Discovers Three Vulnerabilities in Asus Router Software*Researchers Disclosed SymStealer Security Vulnerability in Google Chrome and Chromium-Based Browser*Australia's Fire Rescue Victoria Suffers Data Breach Claimed by Vice Society Ransomware Gang*Gootkit Loader Abuses VLC Media Player to Infect Australian Healthcare Organizations*Google Released Chrome 109 to Fix 17 Vulnerabilities*New Advanced Threat Actor Dark Pink Using Custom Malware Against Government and Military Entities*Cisco Warns About Critical Auth Bypass Vulnerability Found in End-of-Life Routers*Scattered Spider Threat Actors Employing Vulnerable Intel Drivers to Evade Detection*UK's Leading Mail Delivery Service Royal Mail Suffers Severe Service Disruption Following Cyberattack*CISA Adds Two More Security Flaws to its Known Exploited Vulnerabilities Catalog*Security Researchers Found Cryptographic Weaknesses in Threema Messaging App*Zoom Fixes Multiple Flaws Exposing Windows and macOS Users*Iowa's Largest School District Des Moines Public School Hit by Cyberattack*StrongPity Hackers Targeted Android Users with a Trojanized Version of Telegram App*Over 1,300 Fake AnyDesk Sites Found Delivering Info-Stealing Vidar Malware*Auth0 Project Releases a Patch for RCE Flaw in the JsonWebToken Library*Scammers Abusing Open Redirect on the UK DEFRA Website to Redirect Visitors to Fake Dating Sites*Hackers Breached Kubernetes Clusters as Part of a Malware Campaign Via PostgreSQL Database*CISA Alerts on High-Severity Vulnerabilities Affecting Hitachi Energy Products*Russian Threat Group Cold River Targets Three US Nuclear Research Laboratories*Attackers Spreading NetSupport Malware Masquerading as Pokemon Card Game to Infect Users*MedStar Mobile Healthcare Suffers Ransomware Attack Affecting 612,000 Customers*Threat Actors Using CAPTCHA Bypass Tactics on GitHub in Freejacking Campaign*Hackers Bypass Firewalls Restrictions Using CloudFlare Tunnels*Air France and KLM Suffers Data Breach; Several Customers Accounts Hacked*Fast Food Restaurant Chain 'Chick-fil-A' Suffers Data Breach*Rackspace's Customer Data Accessed in Ransomware Attack*Microsoft Releases Temporary Patch for ODBC Database Connection Issues*A New Variant of Dridex Malware Actively Attacking Windows OS and macOS Systems*CircleCI Releases a Security Alert to Warn Users about Cyber Attack*Bluebottle Hackers Attacked Banks Using Signed Windows Drivers*Database of Cricketsocial.com Exposed Private Customer Data and Administrator Credentials*Five Guys Burger Chain Suffers Data Breach Impacting Job Applicants*Researchers Found Sudden Increase in SpyNote Android Malware Infection Rates*New SHC-Compiled Linux Malware Found Installing Cryptominers and DDoS Bots*Multi-Flaw Updates are Released for Qualcomm Chipsets and Lenovo ThinkPad*Zoho Patches a Critical SQL Injection Vulnerability in its ManageEngine Products*Multiple Car Brand's API Flaws Exposed Owner's Personal Data*Fortinet Released Patches for High-Severity Vulnerabilities Found in FortiADC and FortiTester*LockBit Ransomware Group Claims Ransomware Attack on Los Angeles Housing Authority*Royal Ransomware Group Claims Data Breach Attack on Queensland University of Technology*Threat Actors Using Stolen Information of Colombian Bank Customers as Lures in Phishing Emails*Synology Fixed Critical Vulnerability in VPN Plus Server Software*PyTorch Admins Reveals About Malicious PyTorch-nightly Dependency*Bristol Community College Hit by Ransomware Attack*A Telekom Malaysia Company Suffers a Data Breach Affecting Over 250,000 Customer Accounts*Scripps Health Agrees to Pay $3.5 million to the Victims Affected in the 2021 Data Breach*Jakks Pacific Toy Production’s Servers Suffers Ransomware Attack, Hive and BackCat Group Leak Data*Royal Ransomware Group Claims Cyber attack on Iowa’s Public Broadcasting Network*The LockBit Ransomware Gang Claims Cyberattack on Port of Lisbon in Portugal*CISA Warns of Vulnerabilities Impacting TIBCO Software's JasperReports Product*A Canadian Mining Firm Shuts Down a Mill After it was Attacked by Ransomware*WordPress Sites are Being Backdoored by New Linux Malware Using 30 Plugin Exploits*Cert-In Warns Indian Users on LastPass Data Breach and NetApp OnCommandInsight Vulnerability*Anonymous Twitter User Published 10,000 API Keys of Crypto Trading Platform 3Commas*CISA Warns of Several Vulnerabilities in Rockwell Automation Controllers*Royal Ransomware Gang Claims Responsibility for Cyberattack on Telecom Company Intrado*NETGEAR Fixes a High Severity Vulnerability Affecting Multiple Models of its Wi-Fi Routers*Hackers Moved their Initial Infection Vector Towards Malicious Excel Add-in Files*Attackers Abusing Google Ads to Spread Trojanized Software Products*Hive Ransomware Claims Attack on Louisiana Hospital Impacting 270,000 Patients*Citrix Patches Critical Severity Vulnerabilities in its ADC and Gateway Servers*Sargent and Lundy Energy Firm Suffered a Data Breach that Impacted Personal Information of 6,900 Individuals*A Hacker Claims to have Stolen Data of 30 Million Indian Railways Users*New YouTube Bot Malware Found Stealing Sensitive Data*North Korean Lazarus APT Group Targeting NFT Investors in Phishing Campaign*BlueNoroff Threat Actors Adopted New Techniques to Bypass Windows MotW Protection*Researchers Found a Password Vulnerability in ZyXEL Indoor Routers*BTC.com Suffers a Cyberattack Losing Cryptocurrency Worth $3 Million*New GuLoader Malware Found Adopting New Anti Analysis Techniques to Evade Detection*Hackers Targeted Bitkeep Wallet Users in Cryptojacking and Drained $8M in Assets*Researchers Warn of Critical Linux Kernel Vulnerability Affecting SMB Servers Enabled with ksmbd*Cincinnati State Technical Community College Suffers a Cybersecurity Breach*Researchers Disclosed a High-Severity Flaw in Kyverno’s Container Image Signature Verification Mechanism*Researchers Discovered Critical Authentication Bypass Vulnerability in Ghost CMS*Microsoft Silently Fixed Cross Tenant Network Bypass Flaw in its Azure Container Service*Researchers Uncover W4SP Stealer in Multiple PyPI Packages Under Various Names*Threat Actors Deploy New Info-stealer Malware to Infect Software Pirates*Hackers Actively Exploit WordPress Gift Card Plugin with 50K Installations*Researchers Warn Indian Officials About Kavach 2FA Phishing Attacks*Widespread 2FA Bypass Attacks Hit Comcast Xfinity Accounts*LastPass Suffers a Data Breach Exposing Customer Vault Data*FIN7 Hackers Use an Auto-Attack Platform to Breach Vulnerable Exchange Servers*A Hacker Leaked Customer Data of Betting Firm BetMGM on Hacking Forum*Researchers Disclosed Multiple High-Severity Flaws in Password Management Solution Passwordstate*The Zerobot Botnet is added with New Capabilities and Exploits New Vulnerabilities*Researchers Discovered Banking Trojan 'GodFather' Targeting 400 Banks and Crypto Exchanges Applications*Hackers Gained Profit from Hacking JFK Airport's Taxi Dispatch System*Hackers Targeted Telecom and Government Systems with Raspberry Robin Worm*Attackers Hacked Private GitHub Repositories of Okta Company*Researchers Found Malicious Packages with 'W4SP' Info-Stealer Malware on PyPi Platform*Hackers Targeting Brazilian Banking Users with New Android Trojan BrasDex*Security Researchers Suspect KMSdBot Botnet Offering DDoS-for-Hire Services for Attackers*Researchers Found New Microsoft Exchange Exploit Used by Play Ransomware to Breach Servers*Phishing Sites Distributing DarkTortilla Malware*Researchers Found Fake Malicious ‘SentinelOne’ Package on PyPi Repository*Meta Platforms Took Down Fake Accounts Operated by Nearly 200 Spyware Vendors Across the Globe*Play Ransomware Gang Claims Cyberattack on Hotel Chain 'H-Hotels'*Microsoft Reclassified a Windows Vulnerability as Critical Severity*Department of Healthcare and Human Services Reports Data of 254K Patients Being Compromised*Colombian Energy Company EPM Hit by BlackCat Ransomware Attack*CRM Platform SevenRooms Suffers Data Breach Exposing Customers’ Information*Samba Releases Security Updates to Address Multiple High Severity Vulnerabilities*After Being Disrupted by Google, Glupteba Malware is Back*FBI Warns About BEC Attacks Targeting Food Shipments*CISA Adds Critical Veeam Backup and Replication Vulnerabilities to its Known Exploited Vulnerabilities Catalog*Microsoft Warns New Minecraft DDoS Malware Infecting Windows, Linux and IoT Devices*Researchers found a New MirrorStealer Malware Targeting Japanese Politicians*Ukrainian Government Networks Breached Using Trojanized Windows 10 Installers*New Phishing Campaign Uses Facebook Posts to Evade Email Security*Hacker Posted Social Blade's User Data on Hacking Forum Stolen in Data Breach*5.7M Gemini Users’ Personal Information Leaked in Third-Party Vendors’ Data Breach Incident*FuboTV Suffers Streaming Outage Due to Cyberattack*Australia's TPG Telecom Suffers a Data Breach Affecting 15,000 Customers*Ransomware Hackers Using Microsoft-Signed Drivers to Access Systems*FBI Seizes 48 Booter or Stresser Online Platforms that Used for DDoS Attacks*Unknown Threat Actors Uploaded 144,000 Phishing Packages on NuGet, NPM, and PyPi Open-Source Package Repositories*Microsoft Fixes the LSASS Memory Leak Flaw Affecting Windows Servers*VMware Releases Patches for Critical Security Vulnerabilities in ESXi and vRealize*Microsoft Patch Tuesday Security Advisory - December 2022*Stalkware Application Xnspy Found Stealing Data from Thousands of iPhone and Android Devices*A New Python Backdoor Allows Hackers to Access Compromised VMware ESXi Servers Remotely*The Global Pravasi Rishta Portal of the Indian Foreign Ministry Leaks Passport Information*Apple Addressed New Actively Exploited Zero-Day Vulnerability in its Security Updates*LockBit Ransomware Gang Claims Ransomware Attack on Finance Department of California*Hive Ransomware Group Claims Attack on Knox College*Fortinet Released Emergency Patch for Already Exploited FortiOS SSL-VPN Vulnerability*Nearly 360,000 Individuals' Information was Affected in Ontario COVID-19 Vaccine Data Breach*A Cryptocurrency Mining Campaign Infects Linux Users with Go-Based Malware Called CHAOS*Uber Suffers a Data Breach After an Attack on its Third-Party Vendor*An Iran-Backed MuddyWater Campaign Abuses the Syncro Remote Administration Tool*Australian Telecom Firm Telstra Apologizes for Data Leak that Exposed 130,000 Customer's Data*Air Gapped PCs Highly Vulnerable to Data Theft via Power Supply Radiation*Rackspace Issues a Phishing Warning Following a Ransomware Incident*Cisco Warns Companies of High Severity Unpatched Flaw Affecting IP Phones Firmware Globally*Researchers Disclose a Novel Attack Method to Bypass Popular Web Application Firewalls*An Updated TrueBot Variant Exploiting the Netwrix Auditor Bug and the Raspberry Robin Worm*Researchers Discover Drokbk a New Malware that Leverages GitHub as a Dead Drop Resolver*Iranian Hackers Target the Diamond Industry with Fantasy Data-Wiping Malware*Formbook Malware is Distributed via Trojanized OneNote Document*Hive Ransomware Group Targeted French Sports Brand Intersport*CommonSpirit Health Suffered Ransomware Attack that Exposed Data of 623,000 Patients*Cisco Discloses a High Severity Vulnerability Affecting its IP Phones 7800 and 8800 Series*New Zerobot Malware Leveraging more than 21 Flaws in Zyxel Firewalls, F5 BIG-IP, D-Link Routers*Compromised WordPress Plugins Redirect Website Visitors to Push Notification Scam*Attacker Tried Over 6,000 Attempts to Hack ICMR Server*The Vice Society Ransomware Gang Targeted more than 30 Schools in 2022*Hackers Breached CloudSEK's Confluence Server Using Stolen Employee Credentials*Attackers found Vulnerability in SiriusXM Platform to Unlock and Start Cars Remotely*Amnesty International Canada was Allegedly Targeted in Cyberattack by Beijing*Researchers Discovered Largest Dark Web "In The Box"*Antwerp's Digital Partner Suffered a Cyberattack Disrupting the City's Digital Services*VTB Bank, Russia's Second Largest Financial Institution, Suffers Massive DDoS Attack*Hackers Selling Personal Data Of 150,000 Patients of Tamil Nadu's Sree Saran Medical Centre*The André-Mignot Teaching Hospital in France Suffers a Ransomware Attack*A Chain of Three Harmless Linux Vulnerabilities could Allow Hackers to Gain Full Root Privileges*A Vulnerability in IBM Cloud Databases for PostgreSQL Allows Unauthorized Access*Researchers Found Malicious Android Apps with More than Two Million Downloads on Google Play Store*New Zealand Health Insurer Accuro Suffered a Cyberattack Affecting 34,000 Customers’ Data*North Korean Hacking Group Using New and Fake Crypto Apps to Breach Networks and Steal Cryptocurrency*Google Fixes a Ninth Zero Day Vulnerability in its Chrome Browser Update*The Previously Undocumented Data Wiper CryWiper Masquerades as a Ransomware*Attackers Targeting Unpatched Redis Servers to Drop New Redigo Backdoor*Multiple Platform Certificates Used by Android OEM Device Vendors used to Digitally Sign the Malware*Colombian Healthcare Provider Keralty Suffers Ransomware Attack that Disrupts its Operations*The Schoolyard Bully Malware Infected more than 300,000 Devices to Harvest Facebook Account Credentials*New DuckLogs Malware-as-a-Service Found to Be Used By Thousands of Cybercriminals*Researchers Found Some NPM Tools Fail to Display Security Flaws*NVIDIA Patches Critical GPU Display Driver Vulnerabilities in Windows and Linux*North Korean Attackers Using New Dolphin Backdoor to Spy on South Korean Targets*Google Released Chrome 108 to Fix High-Severity Memory Safety Vulnerabilities*Hackers Breached GoTo's Dev Environment and Cloud Storage; Impacting its Affiliate 'LastPass'*Researcher found Outdated OpenSSL used in Dell, HP, and Lenovo Devices*Hive Ransomware Claims Responsibility for Attack on Guilford College in North Carolina*Attackers using Trigona Ransomware in Increasing Worldwide Attacks*Malicious Android App 'Symoo' Detected with 100,000 Installs on Google Play Store*Lanner Patched Over a Dozen BMC Firmware Vulnerabilities*Southampton County in Virginia Disclosed Theft of Individuals' Personal Information Following Ransomware Attack*Acer Releases Patches for High Severity Vulnerability Allowing to Disable Secure Boot*Scammers Used FC Barcelona's Website Domain for Third-Party Fraud Campaign*Over 5.4 Million Twitter Users' Records are Freely Available on a Hacking Forum*Researchers Discovered A Critical Remote Code Execution Vulnerability in Windows Internet Key Exchange*A Ransomware Group Aimed at Belgian Municipality But Hits the Police Instead*New Ransomware Attacks Targeting Ukraine Organizations Linked to Russian Sandworm Group*Google Patches a Zero-Day Vulnerability in its Chrome Browser Update*The Vice Society Ransomware Group Claims Responsibility of Attack on Cincinnati State College*Hackers Target Windows Gamers with Miners and Info-Stealers via Fake MSI Afterburner*Researchers Detected New Stealthy Variant of RansomExx Ransomware Developed Using Rust Programming Language*Hackers Included Spyware in New Variants of SoftVPN and OpenVPN Trojan Software*Millions of Android Devices Require Patches for ARM Mali GPU Vulnerabilities*Ducktail Threat Actors Targeting Facebook Business Accounts via WhatsApp*Security Researchers Disclosed a Cross-Tenant Vulnerability in AWS AppSync Service*Pro-Russian Hackers Claim Responsibility for DDoS Attack on European Parliament Website*Delhi's AIIMS Server Suffers a Cyberattack Disrupting Patient Care Services*Issue in Sophos and McAfee Scanning Engines results in Bypass of Cisco Secure Email Gateway Filter*Researchers found Sudden Spike in World Cup-Themed Phishing Emails*The Sharkbot Banking Trojan Distributed via Fake Android File Managers*Threat Actors Targeted Discontinued Boa Web Servers to Infiltrate Energy Organizations*More than 1500 Mobile Applications Leaking Algolia API Keys*An Info-Stealing Google Chrome Extension 'VenomSoftX' is Used to Steal Cryptocurrency and Passwords*Researchers Found Cybercriminals Increasingly Adopted Aurora Infostealer Malware in their Operations*Attackers Trying to Bypass 2FA of Crypto Exchange Platforms Via Team Viewer and Fake Support Chat*Hacking Group Daixin Team Claims to have Stolen 5 Million AirAsia Passengers' and Employees' Data*DraftKings’ Customers Suffer Credential Stuffing Attack Resulting in Loss of $300,000*New AXLocker Ransomware Group Stealing Discord Accounts of Infected Users*Attackers Using Google Ads to Spread Royal Ransomware*New Variants of LodaRAT Malware are Being Deployed in Conjunction with Other Sophisticated Malwares*Hackers Employing a Windows Zero-day Vulnerability to Deploy QBot Malware*Indian Central Depository Services Limited Reveals About its Network Being Compromised by Malware*Over 22000 Students Targeted in Credential Phishing Attack Impersonating Instagram*Critical Omron PLC Vulnerability Exploited by Sophisticated Malware Targeting Industrial Control Systems*Atlassian Fixes Critical Vulnerabilities in Crowd Server and Bitbucket Server*Samba Addresses Vulnerability Resulting in DoS Attacks and Remote Code Execution*Chinese Hackers Deliver Custom Malware to Government Organizations via Google Drive*Previously Unknown ARCrypter Ransomware Expanding its Attacks Worldwide*Researchers Discovered a New Version of RapperBot Malware Targeting Gaming Servers*Researchers Discovered a Phishing Kit Impersonating Well-Known Brands to Target US Consumers*Attackers Abusing a DLL Hijacking Flaw in the Windows 10 Control Panel to Infect Systems*Disneyland Cybercrime Group Uses Punycode to Spoof Popular Bank Brands`*F5 Addresses Several Security Flaws and Issues in its Products*CISA Revealed About Federal Agency Being Hacked by Iranian Hackers Using Log4Shell Exploit*Pro-Russian Hackers Claim Responsibility for DDoS Attack on FBI Websites*Mozilla Announced the Release of Firefox 107 with Patches of High Impact Vulnerabilities*Hundreds of Amazon RDS Instances Leak Users’ Personal Information*PCspooF Vulnerability in TTE Affecting Network Technology used in Aircraft and Spacecraft*State-Sponsored Chinese Hacking Group Targeting Government and Defense Organizations in Asian Countries*Security Researchers Disclosed Details of Security Flaws in Zendesk Analytics Service*Spotify's Backstage Developer Platform is Vulnerable to Critical RCE Flaw*Researchers Discovered New Version of DTrack Backdoor Targeting European Organizations*Researchers Discovered New KmsdBot Malware Mining Cryptocurrency and Launching DDoS Attacks*'Fangxiao' A Malicious For-Profit Group Uses 42,000 Sites for Brand Impersonation Scheme*Researchers Identified an Information Disclosure Vulnerability in Aiphone Intercom Products*Russian Hackers Infected Ukrainian Organizations with New Somnia Ransomware*New Phishing Campaign Targeting Spain Taxpayers to Steal Bank Details*Cisco Addresses 33 Vulnerabilities in its Enterprise Firewall Products*Foxit Patches Four Code Execution Vulnerabilities in its PDF Reader*A New Extortion Scam Threatens to Leak Websites Sensitive Information Globally*A 24 Hour Outage has Rendered Royal Mail Tracking Unavailable*Sobeys a Canadian Food Retail Giant Hit by Black Basta Ransomware*New Android Spyware BadBazaar Linked to Chinese Cyberspies*Two Malicious Android Apps Spotted Distributing Xenomorph Banking Trojan*US Confiscates 18 Domains Used for Recruiting Money Mules*New Version of IceXLoader Malware is Dropped Via Phishing Emails*Threat Group ‘Worok’ Concealing New Information-Stealing Malware in PNGs*Android Spymax RAT Malware Targets the Indian Defense Forces*Lenovo Fixes High Severity Vulnerabilities Allowing Attackers to Deactivate UEFI Secure Boot*New Information-Stealing Malware StrelaStealer Targeted Outlook and Thunderbird Accounts*Intel and AMD Addresses Multiple Vulnerabilities in its Patch Tuesday Updates*SAP Released Patches for Critical BusinessObjects and SAPUI5 Vulnerabilities*Massive Google SEO Poisoning Campaign Hacks 15,000 Sites*LockBit 3.0 Ransomware Distributing Amadey Bot Malware Via Phishing Emails*Cloud9 Chrome Botnet Using Malicious Extensions to Remotely Control Victim's Browsers*Citrix Patches a Critical Authentication Bypass Vulnerability in its ADC and Gateway Product*VMware Patches Three Critical Vulnerabilities in Workspace ONE Assist*Siemens and Schneider Electric Addresses Several Security Vulnerabilities in its Products*SocGholish Operators Expands its Malware Staging Infrastructure to Counter Defenders*Researchers Found Security Scanner URLScan Accidentally Leaking Sensitive URLs and Data*Cyberattack on PNORS Technology Leads to the Breach of Victorian School Students' Health Records*The Largest Canadian Food Company Maple Leaf Foods Encountered Cyberattack*The Robin Banks Phishing-as-a-Service (PhaaS) Platform Back to Steal Bank Accounts*Hackers Abusing Microsoft Dynamic 365 Customer Voice in Phishing Attack*CISA Warns About Critical Vulnerabilities in Three ICS Software*Apple Releases Xcode Update to Patch Git Vulnerabilities*Verified Twitter Users are Targeted by New Phishing Attack*New Crimson Kingsnake Group Impersonating Law Firms in Business Email Compromise BEC Attacks*Indian Government Employees are Being Targeted by a New Malware Campaign*Users Across the Globe are Facing Issues in Accessing Twitter*RomCom RAT Malware Distributed via Websites Impersonates SolarWinds NPM, KeePass, Veeam Software*LockBit Ransomware Gang Claims Cyberattack Against German Manufacturing Company Continental*Cisco Fixed High-Severity Vulnerabilities in Email, Identity, and Web Security Products*ALMA Radio Telescope Suffers Cyberattack Forcing it to Suspend All Operations*Splunk Addresses 9 High-Severity Vulnerabilities in its Enterprise Product*Fortinet Fixed 6 High-Severity Vulnerabilities in its Multiple Products*Researchers Disclosed Multiple Vulnerabilities in Checkmk's IT Infrastructure Monitoring Software*Threat Actor Distributing Malware Via Hundreds of U.S. News Sites*Malicious PyPI Packages Found Dropping 'W4SP' Info-Stealing Malware*Infamous Emotet Malware Resumed its Operation After Five-Month Break*Vodafone Italy Disclosed Data Breach After their Reseller FourB Hit by Cyberattack*Hacker Steals 130 GitHub Repositories from Dropbox in Data Breach*Malicious VPN Application Infects Android Users with SandStrike Spyware*Malicious Android Apps Downloaded Over One Million Times Spotted on Google Play Store*OpenSSL Releases Patches to Fix Two High Severity Vulnerabilities in Open-Source Library*Microsoft Fixed a Critical RCE Vulnerability Detected in Azure Cosmos DB Jupyter Notebooks*Cyberattack on Air New Zealand Compromises Multiple User Accounts*Threat Actors Abusing Antivirus Software to Drop LODEINFO Malware Targeting Japanese Organizations*Australian Defense Contractor Suffers Ransomware Attack*Researchers Discovered a Security Vulnerability in Galaxy Store App for Samsung*Label Printing Giant Multi-Color Corporation Confirmed Data Breach*Bed Bath & Beyond Inc Suffers a Data Breach*U.S. Bank Reveals Data Leak Affecting 11,000 Customers*See Tickets Suffers a Major Card Data Breach Lasting for 2.5 Years*Michigan Medicine Suffered Data Breach Impacting 33K Patients*ConnectWise Fixes the RCE Flaw that Left Thousands of Servers Vulnerable to Attacks*Twilio, A Cloud Communications Company Discloses Another Data Breach*Google Patches the Seventh Zero-Day Vulnerability in its Chrome Browser*Cyberattack on Aurubis Forces IT Systems to Shut Down*Researchers Discover Android Malware Droppers on Google Play with 130K Installations*Threat Actors using Clop Ransomware to Encrypt Devices Previously Infected with Raspberry Robin Worm*The Latest Fodcha Botnet Featuring Ransom Demands has Emerged*Drinik Android Malware Impersonating Official Tax Management Tool Targeting Users of 18 Indian Banks*Australian Clinical Labs Disclosed Data Breach After Months of Data Leak Post*Microsoft Fixed Sync Issue in the Vulnerable Driver Blocklist*Medibank Confirms Hackers had Accessed the Customer's Personal Information During Ransomware Attack*New Version of FurBall Android Malware Used for Spying Iranian Citizens*Advocate Aurora Health (AAH) Suffers Data Breach that Exposing Data of 3 Million Patients*Ursnif Malware Switches from Stealing Bank Accounts to Gaining Access to Computers*Hackers Exploit Microsoft Azure SFX Vulnerability to Hijack Service Fabric Clusters*Apache Patched RCE Vulnerability in its Open-Source Commons Text Library*WordPress Fixed 16 Vulnerabilities with Security Update 6.0.3*Researchers Uncovered a Previously Undetected PowerShell Backdoor Infected Over 60 Users*Microsoft Suffers Data Breach Due to Misconfigured Server that Exposes Customers’ Information Online*Cobalt Strike Releases Out-of-Band Security Update for Critical RCE Vulnerability*DiceyF Attackers Deploying GamePlayerFramework in Attacks Against Asian Casinos*Hackers Targeted Hong Kong Government Agency's Network in a Year-Long Campaign*Ransom Cartel Ransomware Shares Similar Traits with the Notorious REvil Ransomware*Black Basta Ransomware Gang Employing Qakbot to Drop Brute Ratel C4 Framework*MyDeal Suffers Data Breach where 2.2 Million Customers' Personal Information was Stolen*Australia's Largest Health Insurance Company Medibank Suffers Ransomware Attack*A Zero-Day Vulnerability in Windows Mark of the Web Receives Free Unofficial Patch*End of Life for Over 45,000 VMware ESXi Servers*Venus Ransomware Encrypting Windows Devices via Publicly Exposed Remote Desktop Services*New PHP Version of Ducktail Malware Targeting Facebook Business Accounts*Zimbra Zero-Day Vulnerability Leveraged to Compromise Over 900 Servers*Microsoft Researchers Discovered A New Prestige Ransomware Targeting Organizations in Ukraine and Poland*Colombian Govt Suffers Data Leak Exposing Secret Australian Police Agents*India's Largest Electric Utility Company Tata Power Hit by Cyberattack*Microsoft Office 365 Could Expose the Content of Messages due to Vulnerable Email Encryption Mode*Hackers Distributing Android Banking Malware Copybara Via TOAD Tactics*Magniber Ransomware Target Windows Users Via Fake Antivirus and Security Updates*A Critical Flaw in Siemens SIMATIC PLCs Allows Hackers to Steal Cryptographic Keys*Cloudflare Mitigates Largest DDoS Attack Aimed at Gaming Platform Minecraft's Server*Windows, MacOS, and Linux Systems Targeted by New Alchimist Attack Framework*Scammers Abusing Google Forms in New Covid-19-Themed Phishing Campaign*Unofficial WhatsApp Application 'YoWhatsApp' is Stealing User's Account*Hackers Creating Typo-Squatted Clone Packages to Trick Developers for Supply Chain Attacks*Aruba Addressed Critical RCE and Authentication Bypass Bugs in its EdgeConnect Enterprise Orchestrator*POLONIUM Threat Group Uses Creepy Malware in Cyber Espionage Against Israeli Organizations*Microsoft Exchange Servers Targeted to Drop Lockbit Ransomware*Researchers Warn of a Critical RCE Vulnerability in VM2 Sandbox Library*Adobe Fixes Critical Flaws in ColdFusion, Adobe Commerce and Other Products*Microsoft Patch Tuesday Security Advisory - October 2022*Caffeine, a Phishing-as-a-Service Platform Makes it Easy to Launch Phishing Attacks*Researchers Disclosed New Emotet's Delivery and Evasion Techniques*Toyota's Access Key Mistakenly Exposed on GitHub Leaking Customer Data*Pro-Russian Hackers Take Down US Airports' Websites with Large-scale DDoS Attacks*Android Security Updates for October Patches Critical Vulnerabilities*Hackers Targeting Solana Cryptocurrency Owners via Fake Phantom Security Update*Dark Web Carding Market BidenCash Leaks Details of 1.2 Million Stolen Credit Cards*Source Code of Intel Alder Lake's UEFI Firmware has been Leaked*Callback Scammers Strengthen their Social Engineering Techniques*Taiwanese Chipmaker 'ADATA' Denies RansomHouse's Recent Data Breach Claims*Fortinet Patches Critical Auth Bypass Flaw in FortiGate Firewalls and FortiProxy Web Proxies*Threat Actors Actively Exploiting a Zero-Day RCE Vulnerability in Zimbra Collaboration Suite*Eternity Hackers Group Offering New LilithBot Malware-as-a-Service Via Telegram Channel*Newly Patched macOS Archive Utility Vulnerability Details Released*Telstra's Third-Party Platform Suffers a Breach Exposing its Employee Information*A New Bug found in Linux Kernel 5.19.12, Which Damages Intel Laptop Displays*Hackers Breach the Tucson City's Network and Stolen the Information of Over 125,000 People*Researchers Discovered New 'Maggie' Backdoor Targeted Several Microsoft SQL Servers*Consumer Banking Company Chase Bank Suffers Outage which Affects UK Customers*Live Chat App Comm100 Trojanized to Spread Malware in Supply Chain Attack*US Alert: Hackers Using New Custom Malware to Steal Data from US Defense Organization*Hackers Injecting Malicious JavaScript on Scammer's Crypto Sites to Steal Crypto Funds*A Popular Chinese-language YouTube Channel found Distributing Malicious Tor Browser Installer*A High-severity Vulnerability in Packagist PHP Repository could Lead to Supply Chain Attack*Cheerscrypt a Linux-Based Ransomware Linked to Chinese Hackers*Researchers Warn Microsoft Exchange Zero-Day Mitigation can be Bypassed for On-premise Servers*Hackers Selling Fake Microsoft Exchange ProxyNotShell Exploits on GitHub*BlackCat Added NJVC to its Data Leak Site*Threat Actors Abusing Web Browser App Mode to Create Desktop Phishing Pages*After Data Leak, Retail Chain 'DNS' Confirmed Data Breach*CISA Adds Critical Bitbucket Server and Microsoft Exchange Vulnerabilities to Known Exploited Vulnerabilities (KEV) Catalog*Hackers Exploiting Vulnerable WordPress Websites to Inject SolarMarker Malware*Unknown Attacker Hacked Shangri-La Hotel Group's Customer Database*Researchers Discovered Several Fake LinkedIn Profiles for CISOs of Large Organizations*Cisco Fixed Several High-Severity Vulnerabilities in its Networking Software*Lazarus Attackers Using New BYOVD Technique in Cyberattacks*Scammers Dropping Cobalt Strike Beacons via Fake US Govt Job Offers*Microsoft Confirms New Exchange Zero-Day Flaws are Being Exploited in Wild*Microsoft Discovered Lazarus Hackers Weaponizing Open-Source Software*Indian Government Swachh City Platform Suffers Data Breach*Researchers Discovered New Zero-Day Vulnerabilities in Microsoft Exchange Being Actively Exploited in Attacks*Hackers Using New Malware to Backdoor VMware ESXi Servers*Hackers are Exploiting Ethernet VLAN Stacking Flaws to Launch DoS, MiTM attacks*Researchers Uncovered New Secret Attack Campaign Targeting Military Contractor Companies*World's Leading Business Media Brand Fast Company Hacked by Attackers*New Chaos Malware Launches DDoS Attacks on Windows and Linux Devices*The Internal Revenue Service Warned American about Huge Rise in Smishing Attacks*Cybercriminals Distributing macOS Malware via Lucrative Job Offers Impersonating Crypto.com*Optus Suffers a Breach Leading to Release of 10,200 Customer Records*NullMixer Malware Distributed via Malicious Websites Mimicking Cracked Software*Hackers Distributing Graphite Malware Using New Code Execution Technique*New Info-stealing Malware Erbium Target Popular Video Games Via Fake Cracks and Cheats*Tibetan Entities Targeted by Chinese Hacker using New LOWZERO Backdoor*WhatsApp Patched 2 Major Zero-Day Bugs that Affect Both iOS and Android Versions*Researchers Found 'Scylla' Ad-fraud Campaign on Google Play Store and Apple Store*An Attack Targeting Universities, Telcos, and ISPs is Discovered by Researchers*Android Users Targeted with Info-stealing Malware Via Fake Indian Banking Rewards Apps*Several npm Packages Published by Crypto Exchanges have been Compromised*Microsoft Patched Spoofing Vulnerability in Microsoft Endpoint Configuration Manager*Microsoft SQL Servers Targeted in New TargetCompany Ransomware Attacks*A New RCE Firewall Bug Exploited by Attackers in Sophos Firewall; Hotfix Available*A Worldwide Outage Affects YouTube Live Streams*GitHub Users Targeted with New Phishing Campaign*Threat Actors Actively Exploiting Critical Magento Vulnerability*Threat Actor Hacked Microsoft Exchange Servers to Spread Phishing Campaign*CISA adds Critical ManageEngine RCE Bug to its Known Exploited Vulnerabilities Catalog*Threat Actors Using LinkedIn Smart Links to Evade Detection in Phishing Campaign*Over 39,000 Unauthenticated Redis Servers are Exposed to the Internet*CISA Warns of Multiple Vulnerabilities Detected in the Dataprobe's Power Distribution Units*15-year Old Python Vulnerability Affects more than 350,000 Open-source Repositories*Oracle Addressed a Critical Vulnerability in its Cloud Infrastructure*Hackers Steal $162 Million Worth of Digital Assets from Crypto Trading Firm Wintermute*Attackers Hacked 2K Game's Support Platform to Infect Players with Malware*Security Company Imperva Stopped a Long-lasting 25.3 Billion Request DDoS Attack*Hive Ransomware Claimed Responsibility for Cyberattack on New York Racing Association*Attack on Financial Technology Company Revolut Exposes 50,000 Users' Data*Microsoft and VMware Alert on Chromeloader Malware Campaign*U.S. Government Agencies Targeted with Better-Crafted Lures in Phishing Attacks*American Airlines Suffered a Data Breach Exposing Employee and Customer Data*Uber Accuses Contractor for Breach, Claims Lapsus$ Threat Group Behind the Cyberattack*LastPass's Development Systems were Accessed for Four Days in a Data Breach*Hacker Claims to have Stolen GTA 5 and 6 Source Code and Assets*Security Researchers Found New Attacks of Notorious Hacking Group TeamTNT*North Korean Attackers Targeted Media Companies with Malicious PuTTY SSH Client*BlackCat and Quantum Ransomware Groups Using Emotet Malware to Deploy Payloads*A Ransomware Attack Results in a Data Breach at New York Ambulance Service*A Hacker Sells the Personal Information of 219,000 Starbucks Customers in Singapore*Organizations Must Patch Stuxnet Vulnerabilities, Says CISA*Uber's Internal Systems Breached Exposing Vulnerabilities Reports*Threat Actors Distributing New Malware Bundle via YouTube*Akamai Mitigates Another Record-Breaking DDoS Attack in Europe*Hive Ransomware Takes Responsibility for the Attack Against Bell Technical Solutions*Phishing Campaign Targeting Greek Taxpayers to Steal Victims' Passwords*Scammers Using Queen’s Death to Steal Users' Microsoft Credentials in Phishing Attacks*Lenovo Addressed Several BIOS Vulnerabilities in September 2022 Security Updates*FBI Warns on Hackers Targeting Healthcare Payment Processors*Hackers Target Nuclear and Genome Researchers Via Multi-Persona Impersonation Phishing Technique*Hackers Compromise Software Provider Magento's in a Supply Chain Attack*Cyber Espionage Attacks Targeting Asian Governments and Organizations*WPGateway Zero-Day Vulnerability Actively Exploited in the Wild*Apex One RCE Vulnerability is Actively Exploited, Warns Trend Micro*Microsoft Patch Tuesday Security Advisory - September 2022*Lorenz Ransomware Gang Exploiting Mitel MiVoice VOIP Appliance Vulnerability*Hacktivist Gang GhostSec Claims Responsibility for Compromising 55 Berghof PLCs in Israel*Researchers Discovered New Android Banking Trojan 'Zanubis' Targeting Peru Banks*Steam Community User Accounts are being Stolen Via New Browser-in-the-Browser Attacks*Apple Addressed Actively Exploited Zero-Day Vulnerability in its Security Updates*American Rental Company U-Haul Confirms Data Breach, Exposed Customers' Driving License Information*Ransomware Developers Adopting a New Encryption Technique to Evade Detection*Six High-Severity HP Firmware Vulnerabilities Left Unpatched For Over a Year*Admins are Urged to Patch a High-Severity Vulnerability in ConnectWise Automate Tool*The Lampion Malware Abusing File Sharing Service WeTransfer in Phishing Attacks*Albania Hit by Another Cyberattack, Blamed on Iran*5 Million Attacks Blocked Targeting Zero-Day in BackupBuddy WordPress Plugin*Bumblebee Malware Now Using New Stealthy Infection Technique*New Attack Technique GIFShell Used to Create Reverse Shell Using Microsoft Teams GIFs*North Korean APT Group Lazarus Targets U.S. Energy Sector*Iranian Threat Group DEV-0270 Abusing BitLocker Feature to Encrypt Windows Systems*The Armed Forces General Staff Agency of Portugal Suffers a Cyberattack*Threat Actors Found Utilizing PowerShell Empire After Initial Compromise*New Moisha Ransomware Actively Targeting Several Organizations*Attackers Hacked 200,000 The North Face Accounts in Credential Stuffing Attack*Threat Group APT42 Distributing a Custom Android Spyware via SMS Phishing Campaigns*Cisco Refuses to Patch Zero-Day Vulnerability in EoL Routers*HP Patches a High Severity Flaw in its Support Assistant Tool*New Linux Malware Shikitega Evade Detection Via Multi-Stage Deployment*Ransomware Attack Hits Second Largest U.S. School District Los Angeles Unified*Mirai Variant Moobot Botnet Targeting Vulnerable D-Link Routers*InterContinental Hotels Group Hit by Cyberattack Disrupts IT Systems*Zyxel Addressed a New Critical RCE Vulnerability in NAS Firmware Security Updates*Ransomware Attackers Abusing Genshin Impact Game's Anti-Cheat Driver to Kill Antivirus*EvilProxy Phishing Toolkit Allows Hackers to Steal Authentication Tokens to Bypass MFA*TikTok Denies Security Breach Claims, Stating the Leaked Data is Unrelated*QNAP Fixes a Photo Station Zero-Day Vulnerability Leveraged in Deadbolt Ransomware Attacks*Italy’s Energy Sector Hit by BlackCat Ransomware Group*NFL's San Francisco 49ers Confirms Data Breach; Information of 20K People Stolen*French Clothing Store, Damart Hit by Hive Ransomware; $2 Million Ransom Demanded*The SharkBot Malware Strikes Back to Steal Login Credentials*Threat Actors Stole Victim Data with Prynt Stealer's Backdoor*Internal Revenue Service Accidentally Leaked Personal Information of 120,000 Taxpayers*Google Chrome Emergency Update Patches New Zero-Day Vulnerability*Samsung Suffers Data Breach; Users Personal Data Leaked*Chilean Government Agency Hit by a New Ransomware Attack*New Instagram Phishing Campaign Targets Thousands of Accounts Via Blue-Badge Offer*Over 1,000 iOS Applications Detected Exposing AWS Credentials*Famous Social Media Platform Twitter Suffers Outage, Thousands of Users Reported Connection Problems*Ragnar Locker Ransomware Gang Claims Cyberattack Against TAP Air Portugal Airline*Malicious Google Chrome Web Browser Extensions were Downloaded by 1.4 Million Users*A TikTok Android App Vulnerability Enable Hackers to Hijack Accounts*New Bug in Google Chrome Lets Websites Write to Clipboard Without User Approval*Apple Fixed an Actively Exploited iOS Zero-Day Vulnerability in Older iPhone Models*Microsoft Azure Outage Knocks Ubuntu Virtual Machines Offline Globally*Russian Streaming Platform START Discloses Data Breach*Threat Actors Hide Malware in the Images of the James Webb Telescope*Chinese Threat Actors Actively Targeting Australian Government Via ScanBox Malware*New Golang-based 'Agenda' Ransomware Targeting Healthcare and Education Entities*Vodafone Idea Denies Data Breach Exposing Call Data of 20 Million Customers*Baker & Taylor the Largest Library Solution Distribution Firm Hit by Ransomware Attack*2.5 Million U.S Students Loan Accounts Details Exposed in Nelnet Data Breach*Akasa Air's Data Breach Exposes Passengers' Personal Information*Russian Attackers Employing New Malware to Hijack ADFS*Iranian Hackers Leveraging Log4j 2 Vulnerabilities in Attacks Against Israeli Entities*CISA Added 10 New Actively Exploited Vulnerabilities to its Catalog*Threat Actors Exfiltrated LastPass Source Code Using a Compromised Developer Account*The DoorDash Service Reveals a New Data Breach Linked to Twilio Hack*Threat Actors Using the Fake "Cthulhu World" P2E Project to Spread Malware that Steals Data*A Critical RCE Vulnerability Discovered in Atlassian Bitbucket Server*A Database Leak in India Exposed Federal Police and Banking Records*Researchers Identified that Over 130 Entities Hit by Okta Phishing Attack*Canadian Manufacturing Company Bombardier Recreational Products (BRP) Hit by Cyberattack*Phishing Campaign Targets PyPI Maintainers Leading to Hijacking of PyPI Packages*Cisco Fixes Two High Severity Vulnerabilities Affecting its Nexus-Series Business Switches*Mozilla Fixes Several Vulnerabilities in Firefox and Thunderbird Products*New Evil PLC Attack Weaponizes PLCs to Hack OT and Enterprise Networks*Researchers Found New BEC Campaign Using MITM Attack to Monitor Microsoft 365 Accounts*Plex Alerts Users to Reset Passwords After Detecting a Data Breach*IBM Fixes High-Severity Vulnerabilities in its MQ Messaging Middleware*Dominican Republic's Government Agency Suffers Quantum Ransomware Attack*Researchers Reveal 8-Year-Old Vulnerability DirtyCred Found in Linux Kernel*Google Researchers Identified Iranian Hackers Using a New Tool to Steal Victims’ Email Data*France Hospital Hit by a Ransomware Attack Demanded $10 Million Dollar Ransom*Attackers Targeted Hotel and Travel Firms Via Phishing Campaigns*Greek Natural Gas Operator DESFA Hit by Cyberattack*GitLab Patches a Critical RCE Vulnerability Impacting its Community and Enterprise Edition*Researchers Find RTLS Systems Vulnerable to MiTM Attacks and Location Tampering*Scammers used Compromised PayPal Account to send Phishing Invoice Mail to PayPal Users*Novant Health Disclosed Data Breach; Impacts 1.3 Million Patient Records*Researchers Discovered New 'Escanor' Malware Weaponized in Microsoft Office and Adobe PDF Documents*Grandoreiro Banking Malware Spotted Targeting Spanish and Mexican Manufacturer Employees*CISA Warned About a Critical SAP Vulnerability Exploited in the Wild*Researchers Detected 241 NPM and Python Packages Drop Cryptominers on Linux Systems*Attackers Infecting Vulnerable WordPress Websites to Deliver RAT and Trojan Malware*FBI Alert: Attackers Using Proxy and Configurations in Credential Stuffing Attacks*Attackers Compromised General Bytes Bitcoin ATM Servers Using a Zero-Day Flaw*Chinese APT41 Group Targeted 13 Entities Worldwide in 2021*Amazon Fixes a High-Severity Flaw in its Ring Application*Cozy Bear Attackers Actively Targeting Microsoft 365 Users*Researchers Describe Evasive DarkTortilla Crypter Used to Deliver Malware*Threat Actors Employing Bumblebee Malware Loader to Compromise Active Directory*Cisco Fixes a High Severity Vulnerability in Secure Web Appliance*Google Blocked the Largest HTTPS DDoS Attack of All Time*A New MailChimp Data Breach Exposing DigitalOcean Customers' Email Addresses*North Korean Attackers Infecting Job Seekers with macOS Malware*Malicious Browser Extensions Downloaded by More than 7 Million People Since 2020*Google Released Security Update to Address a Zero-Day Flaw in Chrome Browser*Apple Patches Two Actively Exploited Vulnerabilities in iPhone, iPad, and macOS Security Updates*Clop Ransomware Gang Breaches UK Water Supply Company But Misattributes the Victim*BharatPay Suffers Data Breach Exposing 37,000 Users’ Personal and Transaction Details Online*Hacker Loots 20,000 Items Worth $6 Million from CS:GO Trading Site*Researchers Detected AEPIC Leak and SQUIP Bugs in Intel and AMD Processors*Twilio Data Breach Exposed Phone Numbers of 1,900 Signal Users*Behavioral Health Group Notifies Customers of Data Breach Affecting 198K Patients*Malicious PyPi Packages Targeting Counter-Strike Servers with DDOS Attacks*Argentina's Judiciary of Cordoba Suffers Play Ransomware Attack*Security Researchers Disclosed a Security Flaw in Microsoft Signed UEFI Boot Loaders*A New SOVA Malware Variant Now Encrypts Android Files*Realtek eCos SDK Vulnerability Expose Multiple Routers to Remote Attacks*CISA and FBI Alerts on Zeppelin Ransomware Attacks*VLC Media Player Banned in India, Website and Download Link Blocked*A Malicious MiMi Chat App Drops New Backdoor rshell on Mac, Linux Systems*Researchers Detected Security Flaws in Xiaomi Smartphones Powered by MediaTek Chips*Scammers Abusing Google Sites and Microsoft Azure Web App to Steal Cryptocurrency Wallets*Zimbra Authentication Bypass Vulnerability Actively Exploited to Breach Over 1000 Email Servers*Security Researchers Identified Critical Bugs in Device42 IT Asset Management Platform*A Threat Actor Employs a New RAT Malware in Cuba Ransomware Operation*Cisco Confirms Yanluowang Ransomware Group Breached its Network in May,2022*Cybersecurity Firm Detects Vulnerabilities in Indian Insurance Company Policybazaar*Cisco Patched a Vulnerability which Allowed to Steal RSA Private Keys on ASA, FTD Devices*Microsoft Linked Service Outage to Cisco Meraki Firewall's IDR False Positive Alert*Palo Alto Networks Fixed a Security Vulnerability Detected in PAN-OS Firewall Configuration*IBM Fixes Several Vulnerabilities in Cloud, Voice, Other Security Products*CheckPoint Researchers Discovered Ten Malicious Python Packages Steal Developer's Credentials*CISA Alerts Administrators on Windows and UnRAR Vulnerabilities Exploited in the Wild*Cloudflare Also Hit by Threat Actors Responsible for Twilio Data Breach*New Android Spyware 'Dracarys' is Distributed via Fake Signal Messaging App*Microsoft Patch Tuesday Security Advisory - August 2022*Chinese Attackers Employed a New Malware to Backdoor Government and Defense Organizations*Cloud Communications Company Twilio Discloses a Data Breach*New Orchard Botnet Utilized Bitcoin Founder’s Account Information to Create Malicious Domains*Email Marketing Firm Klaviyo Suffers a Data Breach*Multinational Retail Company 7-Eleven Suffers a Cyberattack Forced to Close All Stores in Denmark*Threat Actors Abused Hostinger’s Preview Domain Feature in Phishing Attacks*F5 Addressed 21 Vulnerabilities in its Quarterly Security Updates*North Korean Attackers Impersonating World's Largest Cryptocurrency Firm Coinbase to Target Fintech Industry*Hackers Abused Snapchat and American Express Websites in Phishing Attacks*A New Ransomware 'GwisinLocker' Encrypts Vulnerable ESXi Servers*Slack Resets Users Passwords After a Bug Exposed Hashed Passwords*Akamai Reports Largest Ever DDoS Attack, with 659.6 Million Packets per Second*Cyberattack on UK Managed Service Provider Causes NHS Outage*A Zero-Day Bug Exposes 5.4 Million Twitter Accounts*The Association of German Chambers of Industry and Commerce (DIHK) Hit by a Cyberattack*Over 280 Million Indian Citizens' Sensitive Data Exposed Online*CISA Urges Users to Patch Vulnerable Zimbra Email Suites*Community Healthcare "First Choice" Impacted by a Data Breach*New Phishing Campaign Targeting Microsoft Email Services to Launch BEC Attacks*Researchers Detected a Critical Vulnerability Affects 29 Models of DrayTek Vigor Routers*Vulnerability in WordPress's Download Manager Plugin Hosted on Over 100,000 Sites has been Fixed*Researchers Detected a New 'ParseThru' Flaw Impacts Golang-Based Applications*NVIDIA fixed several Security Flaws in GeForce Security Update*Google Addressed Multiple Security Vulnerabilities in Chrome Browser Updates*Cisco Patches Critical Security Vulnerabilities in its VPN Routers*CERT-In Identifies High Severity Vulnerabilities in Mac, iPhone, iPad, ChromeOS and Firefox Browser*Attackers Stolen Wiseasy’s Employee Passwords to Access Nearly 140,000 Wiseasy Payment Terminals*VMware Fixed a Critical Authentication Bypass Vulnerability Affecting its Multiple Products*Taiwanese Websites Suffers DDoS Attacks Ahead of House Speaker Nancy Pelosi's Visit*Google Released its Android OS Security Bulletin August 2022*A Major German Semiconductor Manufacturer Semikron Suffers Ransomware Attack*Vulnerable GitHub Actions Workflow Allows Command Execution*Over 3,200 Apps Leak Twitter API Keys Allow Hackers to Hijack Users' Twitter Accounts*Security Researchers Detected a Directory Traversal Arbitrary File Deletion Flaw in CompleteFTP Software*Cybersecurity Firm Halborn Warns of New MetaMask Phishing Campaign*Microsoft Notifies About Outlook Crashing When Reading Uber Receipt Mails*European Natural Gas Pipeline Operator 'Creos Luxembourg' Hit by BlackCat Ransomware Attack*Subzero Malware Exploiting Windows and Adobe Vulnerabilities*North Korean Threat Actor Deploying Malicious Browser Extensions to Spy on Email Accounts*A Security Researcher Detected XSS Bugs in Google Cloud, DevSite, and Google Play*LockBit Ransomware Hackers Abusing Windows Defender to Side-Load Cobalt Strike*Researchers Discovered Giant Network of 11,000 Fake Investment Sites Targeting Europe*OneTouchPoint Suffers a Data Breach Affecting 30 Healthcare Entities*Android Adware Apps are being promoted by Facebook Ads*Federal Communications Commission warned Americans about increasing Smishing Attacks*Malicious Android Apps are Dropping Banking Malware on User Devices via Google Play Store*LibreOffice addresses Multiple Security Vulnerabilities*Microsoft 365 Suffers an Outage Impacting North American Admin Center*Threat Actors Using Hacked Microsoft SQL Servers as Proxies to Steal Bandwidth*Hackers Stealing Discord Users’ Payment Card Info Using Malicious npm Packages*Cloud Services Have Been Disabled by a Kansas MSP to Fend Off Cyberattack*Hackers Exploiting Nuki Smart Lock Vulnerabilities to Open Doors*New ‘Robin Banks’ Phishing Service Targeting Customers of Financial Organizations*Threat Actors Hacking Microsoft Exchange Servers with IIS Backdoors*New Phishing Campaign ‘Ducktail' Aimed at Professionals on LinkedIn*Hackers Employ Malware and Adware to Infect 28 Google Play Store Apps*Threat Actors Hack Blockchain Music Platform 'Audius'; $6 million Stolen*Hackers Employing WebAssembly-Coded Cryptominers to Avoid Detection*New Version of Amadey Malware Distributed in SmokeLoader Campaign Via Software Cracks*Hackers Leveraging GoMet Backdoor to Target an Ukrainian Software Company*FileWave MDM Vulnerabilities Expose 1,000 Organizations to Remote Attacks*Researchers Found CosmicStrand UEFI Malware in Gigabyte and ASUS Motherboards*A Zero-Day Vulnerability in PrestaShop is Being Actively Exploited to Steal Customer's Payment Information*Policybazaar Confirms a Network Breach in its IT Systems*Atlassian Fixed Critical Bug Enables Hackers to login Unpatched Confluence and Data Center Servers*Attackers Using DLL Side-Loading Technique to Drop QBot Malware on User Systems*Zyxel Releases Security Patches to Fix Vulnerabilities in its Firewall Products*Fraudsters Targeting Punjab State Power Corporation Limited (PSPCL) Consumers in New Online Scam*A Threat Actor 'Devil' claimed to have stolen Account Data of 5.4 million Twitter Users*Russian Attackers Breach Ukrainian Media Company TAVR Media to Spread Fake News About President Volodymyr Zelenskiy*Konni RAT Malware is Used by North Korean Hackers to Attack European Nations*SonicWall Immediately Patches a Critical SQL Injection Vulnerability*Hackers Employing New ‘Lightning Framework’ Linux Malware to Install Backdoors and Rootkits*Hackers Leveraged High-Severity Google Chrome Bug to Infect Journalists*Cryptomining Group '8220 Gang' targeting Linux and Cloud Application Vulnerabilities*Rouge ‘YouTube’ Google Advertisem*nt Redirect Users to Windows Support Scams*Oracle Addresses 349 New Security Vulnerabilities in its July 2022 Critical Patch Update*Apple Addressed Multiple Security Vulnerabilities in its All Devices*A New CloudMensis Spyware Targeting Apple macOS Users*A New Cryptocurrency Scam Swindle Users Via Fake Nvidia Giveaway*Russian SVR Attackers Employing Google Drive Cloud Services to Evade Detection*Belgium Claims Chinese Threat Groups Targeting its Ministry of Defense and Interior Ministries*Attackers Steal 50,000 Payment Card Details from 300 U.S. Restaurants in Web-Skimming Campaigns*German-Based Giant Building Materials Producer Knauf Hit by Black Basta Ransomware Attack*FBI Alerts of Fraudulent Cryptocurrency Apps used to trick U.S. Investors*Flipkart owned Cleartrip Suffers Data Breach*Albania Government Hit by a Massive Cyberattack Forced to Shut Down Websites and Online Services*Windows Network File System Vulnerability Leads to Arbitrary Code Execution*The Infamous Pegasus Spyware Infected Thailand Pro-Democracy Activists' Smartphones*Threat Actors Comproised Popular Premint NFT Website and Stolen Nearly $375k Worth of NFTs*Israel's Health Ministry Website Hit by a Cyberattack Prevented Access to Users from Abroad*Microsoft 365 Service Outage Impacts Outlook and Exchange Online*The Qakbot Trojan Malware Increased its Infection Rate with New Techniques*Juniper Fixes Critical Vulnerabilities in Junos OS and Contrail Networking Products*Attackers Spoofing GitHub Commit Metadata to Mask Malicious GitHub Repositories*Colorado Springs Utilities Issued Warning to Customers After Identifying a Data Breach*Researchers Detected a New Netwrix Auditor Flaw which Enables Hackers to Compromise Active Directory Environment*Researchers Disclose Use-after-free Condition in Google Chrome WebGPU*Threat Actors Using Digium Phone Software To Actively Exploit VoIP Servers*Threat Actors Actively Exploiting Modern WPBakery Page Builder Addons Vulnerability*Threat Actors Targeting Industrial Operators Using Trojan Horse Malware and Password Cracking Ecosystem*DDoS Attacks by the Mantis Botnet Hit Hundreds of Cloudflare Users*Microsoft Attributed Holy Ghost Ransomware Operation to North Korean Attackers*Pakistani Hackers Targeting Indian Students in a New Spear-Phishing Email Campaign*Hackers Targeting PayPal Users Using Phishing Kit Installed on Hacked WordPress Sites*Nation-State Hacking Groups Targeting Journalists in Espionage and Malware Campaign*New Retbleed Speculative Execution Attacks Impacts Intel and AMD Processors*Famous Social Media Site, Twitter Suffers Outage; Prevented Users from Posting Tweets*SAP Fixed Multiple Security Vulnerabilities in its July 2022 Security Patch Day*Lenovo Fixes Three UEFI Firmware Security Flaws Impacting more than 70 Product Models*Bandai Namco Confirmed the Cyberattack and Investigating Data Leak*Lithuanian Energy Company 'Ignitis Group' Hit by DDOS Attack*Researcher Detected a New Android Malware 'Autolycos' on Google Play Store, Downloaded 3 Million Times*Uniswap Lost $8 Million Worth of Ethereum Crypto in Large-Scale Phishing Attack*Microsoft Uncovered the Exploit Code for macOS Sandbox Escape Vulnerability*New Data Extortion Group 'Luna Moth' Breaching Organizations Via Fake Subscription Renewals*Microsoft Detected AiTM Phishing Campaign Targeting Over 10,000 Entities Since 2021*Malaysia and Indonesia Hackers Launch Cyber War Against Indian Entities Due to Nupur Sharma's Controversial Comments*The New York Department of Motor Vehicles (DMV) Warned of Smishing Attacks*Siemens and Schneider Electric Addressed Several Flaws in its ICS Products*VMware Fixes Eight-Month-Old High Severity Vulnerability in vCenter Server*CISA Urges Federal Agencies to patch the new Windows High-Severity Vulnerability*Adobe Fixes Critical Vulnerabilities in its Acrobat, Reader, Photoshop Products*Microsoft Patch Tuesday Security Advisory - July 2022*North Korean Hackers Stole $620 Million from Axie Infinity in Spear-Phishing Attack*India’s Central Public Works Department (CPWD) Experiencing Targeted Cyberattacks Across its Offices*Scammers Started Phishing Campaign Targeting Amazon Prime Day-Shoppers*Attackers Leveraging Azure VMs and GitHub Actions for Cloud-Based Cryptocurrency Mining*A Rolling-PWN Vulnerability Enables Attackers to Start Honda Vehicle Remotely*Hackers Disguise as Cybersecurity Companies to Trick Victims into Installing Malware*Attackers Compromised Goa’s Water Resource Department (WRD) Server and Demanded Cryptocurrency as Ransom*New 0mega Ransomware Gang Targeting Organizations in Double-Extortion Attacks*A New Phishing Campaign Leveraging Follina Vulnerability to Deploy Rozena Backdoor*Hackers Targeting Russian Users by Employing a Malicious Browser Extension*Cisco Fixes a Critical Vulnerability in its Enterprise Communication Solutions*Fortinet Addressed Several Security Vulnerabilities in its Multiple Products*Mangatoon Data Breach Exposed 23 Million Accounts Information*Microsoft Patched a Flaw Crashing Office Apps While Opening with Cloud Documents*A Canadian Communications Firm Rogers Suffers Massive Outage Affecting Mobile Service*New Stealthy OrBit Malware Harvesting Information from Linux Systems*Hackers Sending Fake Copyright Complaint Emails to Deploy IcedID Banking Malware*Hackers can Exploit Online Programming Learning Websites to Launch Remote Cyberattacks*CuteBoi Threat Group Deploys Over 1,200 NPM Malicious Packages in Large-Scale Cryptomining Campaign*Checkmate Ransomware Attacks Targeting QNAP NAS Devices Exposed to Internet*Hacking and Ransomware Groups Switch from Cobalt Strike to Brute Ratel Post-Exploitation Toolkit*Bitter APT Threat Group Still Targeting Bangladesh Military Entities*Federal Agencies Alerted on Maui Ransomware Attacks Targeting Healthcare Entities*OpenSSL Patches a High Severity Vulnerability in Cryptographic Library*North American Giant IT Service Provider 'SHI' Hit by a Potential Malware Attack*Marriott Hotels Suffers a Data Breach that Exposed 20 GB of Guests Information*USA Professional Finance Company Suffers Data Breach Affecting Patients of 650 Healthcare Providers*Microsoft Silently Patches the ShadowCoerce Windows NTLM Relay Vulnerability*NPM Supply Chain Attack Employed Typosquatting Technique to Launch Supply Chain Attack*New RedAlert Ransomware Gang Targeting Windows and Linux VMware ESXi Servers*UK Army's YouTube and Twitter Account Hacked to Promote Crypto Scams*Google Patches An Actively Exploited New Chrome Zero-Day Vulnerability*Django Patches A High Severity SQL Injection Vulnerability in its New Release*One Billion Chinese Citizens' Stolen Data is Being Sold by Hackers for Bitcoins*Jenkins Revealed Several Zero-Day Vulnerabilities in its Multiple Plugins*Several Flaws in Brocade SANnav Storage Area Network (SAN) Affects Multiple Major Entities*Evilnum APT Group Makes Comeback with Updated TTPs, Targeting Fintech Entities*Microsoft Warns of Raspberry Robin Worm Infecting Hundreds of Windows Networks Via Infected USB Drives*A Cyberattack Over Geographical Solutions Inc. (GSI) Disrupted Unemployment Services Across the United States*Hackers Sent Fake Suspension Notices to Verified Twitter Accounts*Google Alerts Users about Slice Payments App which Steals Photos, Audio Records, and Call Histories*RCE Exploit Discovered in Zoho Manage Engine AD Audit Plus Bug*A XFiles Info-Stealing Malware Now Leveraging Follina Vulnerability in Cyberattacks*Toll Fraud Malware Targets Android Devices by Automatically Subscribing to Premium Services*NFT Giant OpenSea Reports Data Breach and Warned Users of Phishing Attacks*Macmillan Publishers Suffers a Ransomware Attack; Forced to Shut Down Network*Norway's Government Websites Suffers Multiple DDoS Attacks*Attackers Employing New Stealthy Malware to Backdoor Microsoft Exchange Servers Worldwide*A New Info-Stealer 'YTStealer' Targets YouTube Content Creators to Steal Authentication Tokens*MITRE Published Top 25 Most Dangerous Software Bugs List of 2022*Walmart Denies Yanluowang Ransomware Attack*CISA Urged Administrators to Patch High-Severity Linux PwnKit Vulnerability*Microsoft Patches Azure FabricScape Vulnerability Enable Hackers to Hijack Vulnerable Linux Clusters*Amazon Patches High Severity Security Flaw in its Android Photos Application*A Famous Raccoon Stealer Malware Returned With New Malicious Capabilities*Researchers Found Over 900,000 Internet-Exposed Kubernetes Instances Vulnerable to Data-Exposing Cyberattacks*Hackers Reused Same Compromised Account Credentials of Zola Website to Gain Access to User Accounts*Threat Actors Installing New 'ZuoRAT' Malware on Unpatched SOHO Routers*Microsoft Released Windows 10 KB5014666 Cumulative Update Include Several Bugs Fixes and New Printing Features*American Famous Semiconductor Company AMD Investigating RansomHouse Data Theft Claims*Unknown Threat Actor Installed Credit Card Skimmers on Bank of the West's ATMs*A New Android Banking Malware 'Revive' Masquerades BBVA Bank’s 2FA Application*Chinese APT Group Compromising Building Automation Systems by Leveraging Microsoft ProxyLogon Vulnerability*The National Institute of Standards and Technology (NIST) Issues New Guidance on Securing macOS Systems*A Cyberattack Hit Iran’s Major Steel Companies and Forced to Stop Factory Production*The Vice Society Ransomware Group Claims Responsibility of Attack on Medical University of Innsbruck*A New Phishing Technique Uses Microsoft WebView2 Apps to Bypass Multi-Factor Authentication*LockBit Ransomware Gang Infecting Users Via Fake Copyright Violation Emails*U.S. Federal Trade Commission Warns on Extortionists Targeting LGBTQ+ Community*Microsoft Downplays High Severity Vulnerabilities in Edge Web Browser, Affecting Over 150 Million Users*Fast Shop, a Brazilian Retailer, Disclosed a Cyberattack Involving Extortion*Cybercriminals leveraging Mitel Zero Day to Launch Suspected Ransomware Attack*Malicious PyPi Python Packages Sending stolen AWS keys to Unsecured Websites*A Japan Based Automotive Fabrics Distributor TB Kawashima Confirmed on a Cyberattack*ISGEC Heavy Engineering Limited data is Encrypted by Hackers and They Demand Bitcoin to Decrypt It*Automotive Hose Maker Nichirin's USA Based Subsidiary Suffers Ransomware Attack*CISA Warns on Threat Actors Leveraging Log4Shell Vulnerability to Hack VMware Servers*New Quantum Builder Enable Attackers to Easily Launch Malicious Windows 'LNK' Attacks*A New Phishing Campaign Targeting Microsoft 365 Users to Steal MetaMask Recovery Phrases*Vulnerable QNAP NAS Devices are Targeted by DeadBolt Ransomware Attacks*Italian Spyware Vendor Infects Android and iOS Users with help of Internet Service Providers*SMA Technologies’ Critical OpCon UNIX Agent Vulnerability Receives A Patch*Chinese Hacking Group Disguising Cyber Espionage Operation as Ransomware Attacks*Lithuanian NCSC Warned of an Increase in DDoS Attacks on Government Websites*Google Fixed 14 Vulnerabilities with the release of Chrome 103 Version*Chinese Hackers Distributing 'Nimbda' Loader Bundled in 'SMS Bomber' Tool to Install Info-Stealer Trojan Payload*MEGA Patches Several Critical Vulnerabilities in Encryption Algorithm*Cloudflare Suffers Massive Outage Caused by Network Configuration Error*Icefall 56 Vulnerabilities are affecting Operational Technology Devices used in Various Industries*New APT Group ToddyCat Targets Microsoft Exchange Servers*Yodel Parcel Company Suffers Cyberattack Disrupting Delivery Services*Microsoft 365 Service Outage Impacts Microsoft Exchange Online and Teams*A New Phishing Campaign Steals Microsoft 365 Credentials Via Fake Voicemails*New DFSCoerce NTLM Relay Attack Enables Attackers to Take Control Over Windows Domain*RobertHalf, Global HR Firm Warns Users About Credential Stuffing Attack*Android Banking Trojan BRATA Now Evolving Into Advance Persistence Threat*A New Surge in ECh0raix Ransomware Attacks Detected Targeting QNAP NAS Devices*Hackers Dropping Malicious Cobalt Strike Beacons in a New Phishing Campaign*Cisco Confirmed on not Patching RCE Flaw in Obsolete VPN Routers*A New 'MaliBot' Android Banking Malware Distributing as Crypto-Mining or Chrome Browser Application*Researchers Identified Dozen of Flaws in Industrial Network Management System of Siemens*The United States Department of Justice Dismantled Russian RSocks Botnet Infrastructure*A Vulnerability in Cisco Appliances Allows Hackers to Bypass Authentication*WordPress Force-Updated Ninja Forms Plugin Patch on Millions of Websites*Chinese Hackers Exploited Sophos Firewall Zero-day Bug Weeks Before Official Patch Release*Africa's Largest Supermarket 'Shoprite Holdings' Hit by Ransomware Attack*Citrix Fixed Critical ADM Vulnerability in its Security Updates*New Peer-to-Peer Panchan Botnet Compromised Several Linux Servers in Education Sector*Public Travis CI API Logs Exposed Thousands of GitHub, AWS, Docker Tokens*A New Side-Channel Attack 'Hertzbleed' Affects Intel and AMD Processors*Cloudflare Detects and Mitigates Largest HTTPS DDoS Attack*Microsoft Fixed Actively Exploited Windows MSDT Zero-Day Vulnerability in its June 2022 Security Updates*ALPHV Ransomware Group Created a New Technique for Extortion*Unknown Threat Group Hacked Over 500 Indian Websites, Demanding an Apology to Muslims All Over the World*Android Adware and Info-stealing Malware Downloaded Over Two Million Times on Google Play Store*Nonprofit Health Care Company Kaiser Permanente Confirms on Data Breach, Affected Over 69,000 Individuals*Microsoft Patch Tuesday Security Advisory - June 2022*Gallium Hackers Targeting Financial and Government Organizations Using New 'PingPull' Malware*Attackers Deploying BlackCat Ransomware on Compromised Microsoft Exchange Servers*Threat Actors Employing a New Linux Rootkit Malware ‘Syslogk’ in Cyberattacks*A Stealthy Linux Malware 'Symbiote' Targeting Latin American Financial Entities*Malicious PyPI Package ‘keep’ Contains Password Stealer Due to Typographical Error*Hello XD Ransomware Group Now Dropping a Backdoor While Encrypting Systems*New PACMAN Hardware Attack can Bypass Pointer Authentication (PAC) in Mac Systems*AvosLocker and Cerber2021 Ransomware Gang Actively Targeting Unpatched Atlassian Confluence Servers*Google Fixed Several Security Vulnerabilities in Chrome Browser Updates*Iranian Hackers Use DNS Backdoor to Attack Energy Sector*Hackers Distributing New Info-Stealer Malware Via Pirated CCleaner Pro Software*Several Botnets Now Exploiting Critical Atlassian Confluence RCE Vulnerability to Deploy Cryptominers*Researchers Identified a New Chinese-Linked APT Group Spying on Organizations for 10 Years*The New Advanced Malware 'Symbiote' Infects All Linux Processes and Steal Account Credentials*Threat Actors Compromised US Online Gun Shops to Steal Customers' Credit Card Details*Emotet Malware is Now Harvesting Credit Card Information from Google Chrome Browser*Medical Service Provider 'Shields Health Care Group' Suffers a Data Breach, Exposed Over 2,000,000 People Data*Google Fixed Several Critical Android Flaws in June 2022 Security Updates*Hackers Abused Facebook Messenger in Large-Scale Phishing Campaign to Steal Victims' Credentials*Two Critical U-Boot Vulnerabilities Disclosed in Linux-Based Embedded Systems*Black Basta Ransomware Strikes Vulnerable VMware ESXi Servers*Threat Actors Deploying New Malware 'SVCReady' Via Phishing Campaigns*Chinese Govt Hackers Compromise US Telecommunication Companies to Snoop on Network Traffic*Black Basta Ransomware Group Employing QBot Malware in their Operations*Italian City of Palermo Hit by Cyberattack, Impacting Wide Range of Operations and Services*The LockBit Ransomware Group Claims to Infiltrate Mandiant Company's Network*Hackers Actively Exploiting Critical Windows Zero-day Vulnerability in a Phishing Campaign*Sensitive Data of Pharmaceutical Giant 'Novartis' Exposed in a Recent Cyberattack*WatchDog Hacker Group Mining Crytpocurency in a Newly Launched Cryptojacking Campaign*The Android Malware 'SMSFactory' Discreetly Subscribes Users to Premium Services*Hackers Stolen NFTs From the Bored Ape Yacht Club Via Yuga Lab's Discord Server Hack*GitLab Patches a Critical Account Takeover Vulnerability in its Enterprise Edition*Malware Controlling Thousands of Sites in the Parrot TDS Network Identified by Researchers*Chinese Threat Group LuoYu Using WinDealer Malware in Man on the Side Attacks*Foxconn's Mexico-Based Manufacturing Unit Hit by Ransomware Attack*Microsoft Suspended Malicious OneDrive Applications Used in Polonium's Attacks*A New Clipminer Malware Brought its Operators $1.7 Million Via Transaction Hijacking*Hackers Actively Exploiting New Atlassian Confluence Zero-Day Vulnerability in the Wild*Attackers Targeted Hundreds of Unsecured Elasticsearch Databases in Ransom Attack*SideWinder APT Group Creates Fake Android VPN App on Official Google Play Store*RuneScape-Themed Phishing Campaign Steals Users' Account Details and In-Game Item Bank PIN*A Zero-Day Vulnerability in Windows Microsoft Office Receives Free Unofficial Patch*Researchers Found Over 3.6 Million MySQL Servers are Exposed to Public*Costa Rica’s Public Health Service Network Hit by Hive Ransomware Attack*Attackers can Hijack WhatsApp Accounts Using Call Forwarding Method*Chinese APT Hackers Actively Exploiting New Microsoft Office RCE Vulnerability in the Wild*A New XLoader Botnet Variant Hides its C2 Servers Using Probability Method*Zoom Released Security Patches to Fix Four Critical Vulnerabilities in its Video Conferencing App*Cisco Researchers Discovered Several Flaws in Open Automation Software Platform*Hackers Leveraging a New Microsoft Office Zero-Day Flaw to Run PowerShell Commands*Austrian Federal State Carinthia Hit by BlackCat Ransomware Gang*Attackers Employing a New WSL-Based Malware to Steal Web Browser Cookies*EnemyBot Malware Includes New Exploits for Critical Web Servers, Content Management Systems Vulnerabilities*FBI: Attackers Marketing Network Access Credentials for U.S. Education Institutions in Hacking Forums*Security Researchers Released Proof-of-Concept (PoC) Exploit for Critical VMware Flaw*Microsoft Detected Multiple Security Vulnerabilities in Android Applications*Threat Actors Stole Around 100,000 NPM User Account Credentials in GitHub OAuth Breach*Zyxel Fixed Multiple Security Vulnerabilities in its Products*Windows 11 KB5014019 Patch Affects Trend Micro UMH Driver, Breaking Ransomware Protection*Scammers Impersonating QuickBooks Support Team in Phishing Attack*Threat Actor Leveraging Stealthy BPFDoor Malware to Infect Linux and Solaris Systems*Microsoft Shared Guidelines to Mitigate KrbRelayUp LPE Attacks on Windows Systems*New Linux-Based Ransomware 'Cheers' Targeting Vulnerable VMware ESXi Servers*Researchers Detected a Rise in ChromeLoader Malware Infection Rate, Targeting Windows and Mac Systems*Developers Warned Users to Stop Using Tails 5.0 Linux Distributions Until Next Release*Popular Python and PHP libraries Compromised to Steal Users' Amazon AWS Keys and Credentials*Russian Government Agencies Targeted by Fake Windows Updates Campaign*Researchers Discovered a New Chaos Ransomware Variant*Trend Micro Fixed a DLL Hijacking Vulnerability in its Security Solution*Mozilla Fixed Zero-Day Vulnerabilities in its Multiple Products*Indian Airline SpiceJet Suffers Ransomware Attack, Impacted Flight Departures*Hackers Targeted Security Researchers with Fake Windows PoC Exploits*US Car Manufacturer General Motors (GM) Suffers Credential Stuffing Attack, Exposed its Customers Information*Chinese Twisted Panda APT Group Targets Russian’s Defense Institutes in Espionage Attacks*A New Unpatched Vulnerability in PayPal Allows Hackers to Steal Money From PayPal Users*Microsoft Store App Issues are Fixed with Emergency Updates for Windows 10*Russian IoT Botnet Fronton Used to Launch Social Media Disinformation Campaigns*Chicago Public Schools Suffers Massive Data Breach After Ransomware Attack*Predator Spyware Actively Infecting Android Users in Zero-day Attacks*Hackers Employing PDF Documents to Drop Snake Keylogger Malware*Threat Actors Promoting New Cryptocurrency Scam Using Fake Elon Musk YouTube Videos*Cisco Addressed a Zero-Day Vulnerability in IOS XR Router Software*Vidar Malware is Distributed via Fake Windows 11 Downloads*Malicious PyPI Package Drops Backdoors Targets Windows, Linux, and Mac OS*North Korean Lazarus Hacking Group Leveraging Log4J Vulnerability to Infect VMware Servers*QNAP Warned Customers on New DeadBolt Ransomware Attack*Media Giant Nikkei’s Singapore Unit Suffers Ransomware Attack*Microsoft Detects a Massive Rise in XorDDoS Malware Activity Targeting Linux Devices*Most Sophisticated BlackCat Ransomware (ALPHV) Gang Targeting Various Organizations*NVIDIA Addressed Ten Flaws in the Windows GPU Display Drivers*Microsoft Warns About Brute-Force Attacks Targeting MSSQL Database Servers*VMware Fixed Critical Vulnerabilities in its Multiple Products*WordPress Fixed Critical Vulnerabilities in Jupiter Theme and JupiterX Core Plugins*Over 200 Apps Found Distributing Facestealer Spyware Via Google Play Store*Millions of Attacks Exploiting Vulnerable WordPress Tatsu Builder Plugin*Multiple Third-Party Web Trackers Steal User's Entered Data Before Submitting*CISA Alerts on Actively Exploited Spring And Zyxel Vulnerabilities*A Custom PowerShell RAT Targeting German Users Looking for Ukraine Crisis Information*Apple Patches a Zero-Day Vulnerability in its MacOS and Watch Devices*Manufacturing Firm Parker-Hannifin Discloses Data Breach Post Ransomware Attack*HTML Attachments Still Used in Phishing Emails as it Avoids Detection*Sophos Fixes BSODs Flaw in Antivirus Driver Triggered After Windows KB5013943 Update*CISA Warns May Windows Updates on Domain Controllers*Fake Pixelmon NFT Site Infect Users with Password-Stealing Malware*Attackers Promoted Fake Binance NFT Mystery Box Bots on YouTube to Install RedLine Malware*SonicWall Patches New Vulnerabilities in its SSLVPN SMA1000 Devices*Pro-Russian Hackers DDoS Italian Govt Sites Via “Slow HTTP” Technique*Sysrv Botnet Variant is Now Exploiting New Vulnerabilities to Deploy Cryptomining Malware*Massive WordPress JavaScript Injection Campaign Redirecting Visitors to Malicious Sites*Zyxel Pacthes Critical Vulnerability in its Firewall Products*Cobalt Mirage Attackers Using BitLocker and DiskCryptor in Ransomware Attacks*A Stealthy BPFdoor Backdoor Targeting Linux and Solaris Systems*FBI and CISA Warns on Supply Chain Attacks Targeting MSPs*Bitter Hacking Group Targeting Bangladesh Government Entities via Spear-Phishing Campaigns*HP Patches High-Severity BIOS Vulnerabilities Enabling Kernel Privileges*Hackers Deploy a New Post-Exploitation Framework IceApple on Microsoft Exchange Servers*Attackers Spreading Another Set of Malicious Apps Through Google Play Store*Researchers Alerts on DCRat Backdoor Being Sold on Russian Hacking Forums*Costa Rica Declares National Emergency Following Cyberattacks from Conti Ransomware Group*Scammers Distributing Jester Stealer Malware in Phishing Attacks*Microsoft Patches an Actively Exploited Windows LSA Spoofing Zero-Day Flaw*Hackers Employing Critical F5 BIG-IP Vulnerability in Destructive Attacks*FluBot Android Malware Aims at Finland in a New SMS Phishing Campaign*German Automotive Industry Targeted by a Month-Long Malware Campaign*Microsoft Patch Tuesday Security Advisory - May 2022*Microsoft Patches a Flaw in Azure Synapse and Azure Data Factory Pipelines*QNAP has Fixed a Critical Vulnerability Affecting Remote Command Execution in QVR*New Windows Worm Spreading Through Infected USB Drives*US Agricultural Machinery Company 'AGCO' Suffers Ransomware Attack*Google Docs Crashes at the Sight “And. And. And. And. And.”*Attackers Hijacked Ferrari's Subdomain to Host Fake NFT Scam*New NetDooka Malware Framework Distributed via PrivateLoader Malware Distribution Service*Unsecured ElasticSearch Server Instance Exposed Thousands of Borrower's Data*New Chinese Threat Group Moshen Dragon Targeting Asian Telecommunication Entities*Security Researchers Disclose Years-Old Bugs in Avast and AVG Antivirus Solution*Google Patches an Actively Exploited Linux Kernel Flaw in its Android Security Updates*North Korean Hacker Group 'APT38' Linked to New Ransomware Strains*Threat Actors Targeting Microsoft Logins from Compromised UK NHS Email Accounts*Cisco Patches NFVIS Vulnerabilities Enabling Access to Root Privileges*F5 Alerts Users on Critical BIG-IP RCE Vulnerability Allowing Device Takeover*Hackers Targeting Pixiv, DeviantArt Artists to Push an Info-stealer Malware*Pro-Ukraine Hackers Actively Exploiting Docker Images to DDoS Russian Sites*Threat Actors Distributing Magniber Ransomware in a Fake Windows 10 Upgrade Campaign*Over Millions of Routers and IoT Devices are Vulnerable to Unpatched DNS Vulnerability*Aruba and Avaya Network Switches Highly Vulnerable to "TLStorm 2.0" Vulnerabilities*Threat Actors Abusing Google’s SMTP Relay Service to Distribute Phishing Emails*Car Rental Giant Sixt Hit by Cyberattack, Disrupting its Operations*Threat Actors Employing Bumblebee Malware Instead of BazarLoader Malware in Cyberattacks*Attackers Targeting Ukraine Websites from Compromised WordPress Sites in DDoS Attacks*Synology Alerts Customers on Critical Netatalk Bugs, Affecting its Several Products*Russian Threat Group Targeted Romanian Government Sites with DDoS Attack*Austin Peay State University Suffers Ransomware Attack*A YouTuber Encouraging Followers to Perform DDoS Attacks Against Russia*Popular Social Media App Whatsapp Suffers Outage, Users Reported Connection Issues*A NPM Flaw Enable Attackers to Add Other Developers to their Malicious Packages*Microsoft Fixed Critical Vulnerabilities in Azure Database for PostgreSQL Flexible Server*The RIG Exploit Kit Leverages an Internet Explorer Flaw to Spread RedLine Malware*Chinese-Linked Threat Group 'Mustang Panda' Now Targeting Russian State Officers*Threat Group Hive0117 Targeting Eastern European Organizations in Phishing Campaign*QNAP Warned Customers to Disable AFP Until Critical Bugs Fixed*Microsoft Disclosed a New 'Nimbuspwn' Vulnerability in Linux Operating System*Threat Actors Actively Exploiting Critical VMware RCE Vulnerability to Deploy Backdoors*Threat Actors Actively Spreading Emotet Malware Via Windows Shortcut Files*Multinational Beverage Corporation Coca-Cola Suffers a Network Breach*American Dental Associations Sensitive Data Stolen by Black Basta Ransomware*North Korean APT Group Targeting Journalists with Malware 'Goldbackdoor'*French Hospital Group Suffers Cyberattack; Administrative and Patient Data Exposed*A Critical Flaw in Ever Surf Wallet Enable Attackers to Steal Victim's Cryptocurrencies*Atlassian Patched Critical Authentication Bypass Flaw in Jira Seraph*Hackers Slipping 'More Eggs' Malware Into Resumes Sent to Corporate Hiring Managers*A Critical Flaw in Cisco Umbrella’s Default SSH Key Enabled Credential Theft*UPI Suffers Outage, Social Media Flooded with Payment Failure Complaints*T-Mobile Confirms Lapsus$ Threat Group Breached its Internal Network*Several Critical Flaws Disclosed in SmartPTT and SmartICS Industrial Products*QNAP Urges Users To Mitigate Critical Apache HTTP Server Flaws*LemonDuck and TeamTNT Hacking Docker Servers in Cryptomining Malware Campaigns*A Critical Android Chipset Vulnerability Enables Attackers to Access User's Media Files*New BotenaGo Botnet Variant Targeting Lilin Security Camera DVR Devices*Amazon Web Services Patches Container Escape in Log4Shell Hotfix*Russian Threat Group Employing New Pteredo Variants to Infect Targeted Ukrainian Entities*Hive Ransomware Group Targeting Vulnerable Microsoft Exchange Servers*Emotet Botnet Increased its Infection Rate in March 2022*CISA Warns About an Actively Exploited Windows Print Spooler Vulnerability*QNAP Warned Customers to Secure NAS Devices from Cyberattacks*Lenovo Disclosed UEFI Firmware Driver Vulnerabilities, Affecting Over 100 Laptop Models*Israelian NSO Group Leveraging New iOS Flaw to Drop Spyware on iPhone Devices*CISA Issues a Warning Regarding a North Korean Hacking Group Targeting Cryptocurrency Industries*A Threat Actor Stole $655,388 in Cryptocurrency from Apple's iCloud*Hackers Using Fake Windows 11 Upgrade Campaign to Infect Users*Decentralized Finance Project Beanstalk Lost $182 Million in Flash-loan Attack*Cisco Patches a Critical Authentication Bypass Vulnerability in its WLC Software*'JekyllBot:5' Bugs Enable Hackers to Compromise Aethon TUG Hospital Robots*Hackers Accessed Several GitHub's Private Repositories Using Stolen OAuth Tokens*Scammers Targeting T-Mobile Customers in SMS Phishing Attacks*A Vulnerability in Rarible NFT Marketplace Let Attackers Steal Users' Crypto Assets*Wind Turbine Manufacturer 'Nordex' Suffers Conti Ransomware Attack*Oil India Limited (OIL) Suffers Ransomware Attack*Threat Actors Targeting Ukrainian Government Entities with IcedID Malware and Zimbra Exploits*'OldGremlin' Ransomware Group Returns with New Malware Targeting Russian Entities*CISA Warns About an Actively Exploited Windows Local Privilege Escalation Vulnerability*Google Fixes An Actively Exploited Vulnerability in its Chrome Browser*Malware Campaigns Targeting African Bank Employees with RemcosRAT Malware*Russian Hackers Employ the Industroyer2 Malware to Attack Ukraine Power Grid*Federal Agencies Issues a Joint Advisory on APT Groups Targeting ICS/SCADA Devices*Hackers Actively Exploiting An Already Patched Critical VMware Vulnerability*WordPress Developers Patches a Critical Flaw in Elementor Plugin*A New Malware Tarrask Hides Scheduled Tasks Using Windows Vulnerability*HP Patches Critical Bugs Impacting 15 Million Endpoints in Teradici PCoIP Software*Hashnode Blogging Platform Reported to Have Critical LFI Vulnerability*Microsoft Patch Tuesday Security Advisory - April 2022*Italian Luxury Fashion House 'Ermenegildo Zegna' Confirms Ransomware Attack*Threat Actors Leveraging Spring4Shell Exploits to Install Mirai Malware*American Manufacturing Company 'Snap-on' Suffers a Data Breach*Researchers Issue Alert About Information-Stealing Malwares FFDroider & Lightning*Qbot Operators Now Distributing Malware via MSI Windows Installer Packages*The Android Banking Trojan Mimics Bank Customer Service Calls*Atlassian's Ongoing Outage Might Extend Another Two Weeks*Threat Actors Distributing a New META Malware in Spam Campaigns*Chinese Threat Actors Actively Targeting Indian Power Grid Organizations*New Octo Malware Let Attackers Take Control of Android Devices Remotely*A New Traffic Direction System 'Parrot' Infects 16,500 Sites to Deploy Malware*New Malware 'Denonia' Targets Serverless AWS Lambda with Cryptominers*Hackers Harvesting Data Via Malicious Android Apps with Million of Downloads*Threat Actors Using New 'FFDroider' Malware to Steal Social Media Accounts*An Ongoing Atlassian Outage Affects Jira and Confluence Customers*OpenSSL Infinite Loop Vulnerability Affects Palo Alto Networks Firewalls and VPNs*Scammers Using Malicious Shopping Apps to Steal Bank Credentials of Malaysian Customers*UK Retail Chain The Works Hit by Cyberattack*VMware Patches Critical Vulnerabilities in its Multiple Products*CISA Issues an Alert Relating the Active Exploitation of a Critical Spring4Shell Vulnerability*Researchers Link Chinese Threat Group 'Cicada' to Widespread Espionage Attacks*Hackers Breach Email Marketing Company 'Mailchimp' to Conduct Phishing Attacks*FIN7 Hacking Group Employing Stolen Credentials and Software Supply Chain Attacks*Several Hacking Groups Capitalizing on Russia-Ukraine War To Distribute Malware*Threat Actors Marketing New Sophisticated Malware on Russian Hacking Forums*Beastmode DDoS Botnet Exploiting New TOTOLINK Bugs to Enslave Routers*New RAT Malware 'Borat' Appears on Hacking Forums, Offering Several Features*Brokenwire Hack Could Let Attackers Disrupt Charging for Electric Vehicles Remotely*VMware Fixes Critical Spring4Shell RCE Vulnerability in its Multiple Products*A 15 Year Old Bug in Pear PHP Repository could Lead to Supply Chain Attack*Trend Micro Patches Actively Exploited Vulnerability in its Apex Central Product*Threat Actors Employ New Android Spyware to Harvest Sensitive User Data*American Express Suffers Massive Outage, Affects Payment Services*Threat Actors Abusing Microsoft Azure Static Web Pages in Phishing Attacks*Hackers Using Fake Trezor Data Breach Emails to Harvest Users Cryptocurrency Assets*CISA Warns Federal Civilian Agencies to Patch Critical Sophos Firewall Vulnerability*Critical GitLab Vulnerability Enables Hackers to Take Over User Accounts*Palo Alto Networks Error Leaks Customer Support Cases, Attachments*Apple Patches Two Zero-Days in its iPhones, iPads, and Macs Devices*Zyxel Patches Critical Authentication Bypass Vulnerability in its Firewall and VPN Products*Vulnerable Wyze Cam Devices Allow Hackers to View Video Feeds*Chinese Hackers Installing New 'Fire Chili' Rootkit on Vulnerable VMware Horizon Servers*Viasat Confirmed Satellite Modems were Compromised with AcidRain Malware*Developers Release a Fix for a Zero-Day Vulnerability in Spring Java Framework*A New Zero-Day Vulnerability in Spring Java Framework Allows Remote Code Execution*A Severe OpenSSL Bug Affects the Majority of QNAP NAS Devices*Globant, an IT and software Firm, Suffers a Data Breach; 70GB of Data is Stolen*Viasat's KA-SAT Satellite Service Suffers From Cyberattack*A New Spear-phishing Campaign Targets Russian Govt Dissidents with Cobalt Strike*Russian Phishing Attacks Target NATO, and European Military Forces*FBI Warns Election Officials of Credential Phishing Campaigns*Transparent Tribe Hackers Targeting Indian Government Officials Via Modified MFA Tool*Mars Stealer Malware Spreads Through OpenOffice Ads on Google*New Malware 'Verblecon' Infects Hacked PCs with Cryptocurrency Miners*CISA Wans of Attacks on Internet-connected UPS Devices*Shutterfly Discloses Data Breach Post Suffering Conti Ransomware Attack*Threat Actors Using Infected WordPress Sites to Launch DDoS Attacks*Remote Keyless System of Honda Vehicles Vulnerable to Replay Attacks*Threat Actors Targeting Vulnerable Microsoft Exchange Servers Via Reply Chain Hijacking Attacks*'Purple Fox' Hackers Actively Using New Variant of FatalRAT in Recent Malware Attacks*Muhstik Botnet Targeting Redis Servers Recently Disclosed Vulnerability Via Recently Disclosed Vulnerability*An Emergency Google Chrome Update Fixes Zero-Day Flaw Used In Attacks*A Critical Vulnerability in Sophos Firewall Enables Remote Code Execution*Chinese Hacking Group 'Scarab' Spotted Targeting Ukraine Amid Russia Invasion*Threat Actors Distributing a Vidar Infostealer Via Malicious Email Attachments*Hackers Targeting Azure Developers Via Over 200 Malicious NPM Packages*Social Engineering Attacks Compromise Morgan Stanley Client Accounts*Western Digital Updates My Cloud OS To Patch Critical Vulnerability*Threat Actors Distribute a New Version of JSS Loader RAT Via Malicious Microsoft Excel Add-ins*North Korean Hackers Actively Exploiting Recently Patched Chrome Zero-day Flaw*VMware Releases Patches For Carbon Black App Control Flaws*New WPS Office Flaws Give Hackers Access To Betting Firms*China-Linked Threat Actor 'Mustang Panda' Targets European Diplomats and ISPs*Thousands of MikroTik Routers Abused in Glupteba, TrickBot Campaigns*Microsoft Confirms the Hack by LAPSUS$ Extortion Group, 37GB of Source Code Leaked*New Dell BIOS Flaws Affect Millions of Inspiron, Vostro, XPS, Alienware Systems*Several HP Printer Models Vulnerable to Remote Code Execution Attacks*Greece's Public Postal Service ' ELTA' Suffers Ransomware Attack*Researchers Expose Custom macOS Malware of Chinese Hackers*A New Crypto Scam Dubbed 'CryptoRom' Abusing iPhone Features to Target Mobile Users*New Backdoor 'Serpent' Targets French Entities via Open-Source Package Installer*Hackers Targeting Bank Networks with New Rootkit to Compromise ATM Machines*Threat Actors Spreading BitRAT Malware as Windows 10 License Activator*Hackers Impersonating Legit Domains by Using New Browser-in-the Browser (BITB) Attack*Opatch Releases an Unofficial Patch For Windows Zero-Day Flaw Giving Admin Rights*Hackers Infecting Android Users Via Password Stealing Malware 'FaceStealer'*Internet Systems Consortium (ISC) Patches High-severity Bugs in BIND Server*A New Variant of Cyclops Blink Botnet Actively Targeting ASUS Routers*Europe Warns of Aircraft GPS Outages Linked To Russian Invasion*Unsecured Microsoft SQL and MySQL Servers are Targeted by Gh0stCringe Malware*SolarWinds Warns Against Attacks Aimed at Web Help Desk Instances*Over Hundreds of GoDaddy-Hosted Sites Were Backdoored In One Single Day*CISA Added 15 Known Vulnerabilities Exploited in Attacks*OpenSSL Patches a High-Severity DoS Vulnerability*Hackers Employing Log4j Exploits to Infect Linux Machines*A Massive Phishing Campaign Employs 500+ Domains to Steal Credentials*Giant Automotive Manufacturer DENSO Suffers Data Breach*QNAP Alerted on Linux 'Dirty Pipe' Vulnerability, Affecting its NAS Devices*Threat Actors Employed CaddyWiper Data Wiping Malware in Ukraine Attacks*New Linux Vulnerability Allows Hackers to Elevate Privileges*Researchers found New Evidence linking Kwampirs Operators to Shamoon Malware*Bridgstone Americas Suffers Data Breach Post Ransomware Attack*Vulnerable Package Managers let Attackers to Infect Developers' Systems*Giant Video Game Developer Ubisoft Disclosed a Cyberattack, Services Disrupted*New Variant of Aberebot Trojan Harvest Users' Google Authenticator MFA Codes*Attackers Using YouTube Platform to Infect Video Games Players with Malware*Threat Actors Using Custom-made Hacking Tools in Cyberattacks*Emotet Botnet Employing Over 100,000 Bots to Carryout Cyberattacks*Iranian Threat Group Targeting Turkey and Arabian Peninsula in Malware Attack*Threat Actors Employing Mitel Devices to Launch DDoS Reflection Attacks*Russian Federal Agencies' Websites Compromised in a Supply Chain Attack*CISA Updated Conti Ransomware Alert with 100 Domains used in Cyberattacks*Chinese Threat Actors Targeting European Diplomatic Entities in Phishing Attacks*Scammers Impersonating Government Officials and Law Enforcement in Fraud Scams*Coinbase Blocks Over 25,000 Blockchain Addresses Linked to Russian Individuals*A New Linux Vulnerability Enable Hackers to Gain Root Access on Vulnerable Systems*Microsoft Fixes a Critical Azure Bug Exposing Other Customers Data*Romania's Rompetrol Gas Station Network Suffers Hive Ransomware Attack*Ukraine's Computer Emergency Response Team Warns of New Phishing Attacks*TerraMaster Patches Critical Vulnerabilities in its Network-attached Storage (NAS) Devices*Researchers Identify SharkBot Malware Disguised as an Android Antivirus on Google Play Store*Threat Actors Using Stolen NVIDIA's Code-signing Certificates in Cyberattacks*Russian Government Shares a List of IP Addresses DDoSing Russian Organizations*Vulnerable Linux Kernel Versions Enable Hackers to Execute Arbitrary Commands*New Security Bug Affects Thousands of Self-Managed GitLab Instances*Mozilla's Security Updates address two critical zero-day vulnerabilities in Firefox*'Lapsus$' Hacking Group Allegedly Leaks Samsung Electronics Confidential Data*Cisco Issue Patches for Expressway Series, TelePresence VCS Products*Researchers Propose New Side-Channel Attack on hom*omorphic Encryption*New York State Office of the Attorney General Warns Users Impacted by T-Mobile Data Breach*Over 71,000 NVIDIA Employees Credentials Compromised as a Result Of a Data Breach*Researchers Disclose a Malware Campaign Impersonating VC Firm Using Phishing Emails*Developers Address Critical Security Flaws in Famous Multimedia Library PJSIP*Researchers Disclose Critical Security Vulnerabilities in VoIPmonitor Monitoring Software*Threat Actors Leveraging Log4Shell Vulnerabilities to Launch DDoS and Cryptomining Attacks*Belarusian Nation-state Threat Group Actively Targeting European Government Entities*TrickBot Operators Updates its AnchorDNS Backdoor to AnchorMail*Threat Actors Abusing Google Ads to Push Hundreds of eBike Phishing Sites*China-linked Daxin Malware Actively Targeting Several Governments Infra in Espionage Attacks*TeaBot Malware Resurfaces on Google Play as a QR Code Scanner App*Insurance Giant 'AON' Suffered Cyberattack Over the Weekend*Second New Malware 'IsaacWiper' Targets Ukraine Amid Russian Invasion*Automobile Giant 'Toyota' Halts Production Amid Cyberattack on Supplier*Video Surveillance Giant 'Axis Communications' Suffers Massive Network Breach*Threat Actors Abusing Content Filtering Devices in DDoS Amplification Attacks*An Infostealer Malware 'Jester Stealer' Updated with New Malicious Capabilities*Threat Actors Using Ransomware as Decoy in Ukraine Cyberattacks*Android Visual Voice Mail App Vulnerability Let Attackers to Steal User Passwords*NHS Urges Users to Patch Okta Advanced Server Client RCE Vulnerability*American Multinational Technology Corporation 'Nvidia' Hit by Cyberattack*Targeted Citibank Customers Suffer Phishing Attack with Fake Suspension Alerts*Threat Group 'UNC2596' Exploiting Microsoft Exchange Vulnerabilities to Install Ransomware Payload*Hackers Using Microsoft Official Store to Deploy Malware on Victims' Systems*Threat Actor Group 'APT27' Hit US Defense Contractors Using Stealthy SockDetour Backdoor*Deadbolt Ransomware Operators Actively Targeting ASUSTOR NAS Devices*Researchers Identify a New Destructive Wiper Malware Leveraged in Ukraine Attacks*CISA Warns About an Actively Exploited Flaws in Zabbix Network Monitoring Platform*Researchers Unveil New Malware 'Small Sieve' Used by MuddyWater Hackers*Researchers Warn of New Russian Botnet Built from Hacked Firewall Devices*25 Malicious JavaScript Libraries Enable Hackers to Steal Users' Discord Tokens and Environment Variables*Threat Actors Employing Dridex Bots to Deploy Ransomware Payload on Infected Networks*Chinese Researchers Uncover Details About Equation Group's Bvp47 Backdoor*Researchers Disclose a 9-Year-Old Bug in Horde Webmail Software*Massive DDoS Attacks Hit Ukrainian Government Agencies and Banks Once Again*Researchers Disclose a New Phishing Technique Bypassing Multi-factor Authentication*Chinese Threat Group 'APT10' Targeting Taiwan Entities in a Supply Chain Attack*Hancom Office Software Vulnerable to Code Execution and Memory Corruption Attacks*Fraudsters Stolen $1.7 Million Worth NFTs from OpenSea Users' in a Phishing Attack*Threat Actors Actively Scanning Vulnerable MS SQL Servers to Deploy Cobalt Strike Beacons*A New Android Banking Trojan Spotted on Google Play Store, Targeting Europeans*American Logistics Company 'Expeditors International' Hit by Massive Cyberattack*Giant Cookware Distributor 'Meyer Corporation' Suffers Data Breach Following Ransomware Attack*Islamic Republic of Iran Broadcasting (IRIB) Hit by Cyberattack*WordPress Force-Updating UpdraftPlus Plugin Patch on Million of Sites*Iranian Threat Group Leveraging Log4j Vulnerabilities to Affect VMware Horizon Servers*PseudoManuscrypt Botnet Followed CryptBot Techniques Since May 2021*Monzo Online Banking Users Targeted by New phishing Attack*Popular E-cigarette Online Store was Compromised to load Credit Card Skimmer*Adobe Updated its Security Advisory for Critical Vulnerability*Cisco Patched high severity vulnerability Impacts Cisco Email Security Appliance*Hackers Use Microsoft Teams Chats to Spread Malware*Researchers Alerts on Golang-based Kraken Botnet Targeting Windows Systems*Cyber Threat Group 'Moses Staff' Targeted Israeli Organizations*Red Cross Claimed State-Sponsored Hacking Group Responsible for the Attack*BEC Scammers Impersonating CEOs in Virtual Meetings*Trickbot Malware Targeting Well-known Companies to Steal Users Credentials*Researchers Disclosed a High-Severity Vulnerability in Apache Cassandra*VMware Patched High Severity Vulnerabilities Affecting Several Products*BlackCat Ransomware Group Claims Swissport Ransomware Attack*Ukrainian Defense and Two Bank Sectors Hit By Massive DDOS Attack*Threat Actors Employing Mylobot Malware to Send Cyberbulling Emails*Researchers Attribute ShadowPad Malware Attacks to Chinese Threat Groups*Japanese Sportswear Company Mizuno Hit by Ransomware Attack*Moxa Patches 5 Critical Security Vulnerabilities in its MXview Software*Ukraine Suffers from Ongoing Massive Hybrid Warfare*NFL’s San Francisco 49ers Team Hit by Blackbyte Ransomware Attack*Google Pushes a Chrome Update to Fix Zero-day in its Chrome Browser*Adobe Fixed Critical Zero-day Vulnerability, Affects Adobe Commerce and Magento Users*Croatian Mobile Network Operator 'A1 Hrvatska' Suffers Data Breach*Researchers Identified New Sophisticated Rust-based Ransomware Attack*CISA Added 16 New Flaws to its Known Exploited Vulnerabilities Catalog*Threat Group ModifiedElephant Installed Fake Digital Evidence on Indian Activists*Apple Patches an Actively Exploited Zero-Day Flaw in its Security Updates*Threat Actor Group 'APT29' Targeted European Diplomats Via COVID-19-Themed Phishing Emails*FritzFrog Botnet Infects 1500 Hosts Within a Span of One Month*Researches Disclose Advanced Threat Group 'ModifiedElephant' Stealth Mode Operation Strategies*Vulnerable 'PHP Everywhere' Plugin Pose High Risk for Thousands of WordPress Sites*Iranian Threat Group Deploying Backdoor Dubbed Marlin in a New Espionage Campaign*Hackers Infected Hundreds of Magento Sites in MageCart Attacks*FBI Alerts Users of Increased SIM Swap Fraud Hijacking Victims Numbers*Advance Threat Group Employing New Implant to Infect Middle East Entities*Threat Actors Targeting European Android Users in Smishing Attacks*Kimsuki Hacker Group Using Commodity RATs with Custom Gold Dragon Malware*Google Patches Two Critical Bugs Via Android Security Updates for Feb 2022*Vulnerable Mimosa Wireless Broadband Products are Exposed to Remote Attacks*SAP Patches Multiple Security Vulnerabilities in its February 2022 Security Patch Day*Vodafone Portugal Hit by Massive Cyberattack*Microsoft Patch Tuesday Security Advisory - February 2022*Politically Motivated Threat Group Targeting Indian Military and Diplomatic Resources*Medusa Malware Targeting Android Users in Smishing Campaigns*Leading Sportswear Manufacturer Puma Suffers Data Breach Following Ransomware Attack*DPD Group's Parcel Tracking Flaw May Expose Customers' Personal Information*Vulnerable Argo CD Exposes Sensitive Information from Kubernetes Apps*American Media Giant News Corp Hit by Persistent Cyberattack*Researchers Identified a New Ransomware-as-a-Service (RaaS) Operation in Cyberattacks*Israeli Company QuaDream Abusing iPhone Security Vulnerability to Deploy Spyware*Switzerland's Aviation Firm Swissport Hit by Ransomware Attack*Chinese Threat Actors Actively Exploiting a Zimbra Zero-day Vulnerability to Steal Emails*Cisco Patches Several Flaws Discovered in Small Business RV Series Routers*Intuit Warns of Phishing Campaign Sending Fake Account Suspended Mails*Antlion Hackers Targeting Financial and Manufacturing Institutes Using Custom Backdoor*Threat Actor Group 'Moses Staff' Using New StrifeWater RAT in Ransomware Attacks*UEFI Firmware Vulnerabilities Impact at least 25 Computer Vendors*Threat Actors Using SEO Poisoning Technique to Install Malware Package*New Malware Used by SolarWinds Hackers Went Undiscovered for Many Years*Kenyon Produce (KP) Snacks Company Suffers Ransomware Attack*Morley Companies Inc. Discloses a Data Breach Post Ransomware Attack*ESET Patches High Severity Vulnerability Affecting its Multiple Products*Threat Actor Group 'Charming Kitten' Using New PowerShell Backdoor in Cyber Espionage Attacks*SolarMarker Malware Employing Novel Techniques to Persist on Hacked Systems*Researchers Disclose New Iranian Hacking Campaign Targeting Turkish Users*Researchers Found a New Oski Malware Variant Dubbed ' Mars Stealer' in Cyberattacks*Phishing Scammers Employing Malicious CSV Files to Drop Malware*German Petrol Supply Firm Oiltanking Severely Impacted by Cyber-attack*British Council Suffers Data Leak, 144000 Records Exposed*Gamaredon Threat Group Using New Malicious Files in Phishing Attack*Samba Patched a Critical Vulnerability that Let Hackers Gain Root Access*Hackers Abusing UPnP Routers to Perform Malicious Activities*WordPress Addresses a Critical Vulnerability in a Plugin with Over a Million Downloads*Russian Threat actors Employ Stealthy Malwares in Cyber Espionage Campaign Dubbed 'StellarParticle'*Taiwanese Electronics Manufacturer, Delta Hit by Conti Ransomware*Hackers Taking Over CEO accounts Using Rogue OAuth Apps*Phishing Operators Using a Windows Update to Install Malware*Researchers Discover Over 20,000 Vulnerable DCIM Systems Prone to Attacks*Finnish Diplomats’ Mobiles Infected with Pegasus Spyware*Patched Windows Vulnerability with New Public Exploits Lets Hackers Become Admin*Linux Version of LockBit Ransomware Targeting VMware ESXi Servers*Discord Suffers Major Outage Caused by API and Database Issues*Chaes Banking Trojan Hijacking Chrome with Malicious Extensions*New FluBot and TeaBot Campaigns Abusing Android Devices Worldwide*Phishing Attack Impersonate Shipping Giant 'Maersk' to Deploy Malware*A Video Game Company BANDAI NAMCO Shutdown Servers to Prevent Cyberattacks*Apple Patches New Zero-day Exploited to Hack macOS, iOS Devices*German Government Warns of APT27 Group Backdooring Business Networks*Linux System Service Flaw Enables Root on all Major Distros*DazzleSpy Malware Targets macOS Users in Watering Hole Attack*Threat Actors Employing Compromised Accounts to Deliver Large-scale Phishing Emails*Premium Subscription-Based Scam Targeting Android Users*TrickBot Malware Operators Added New Techniques to Elude Detections*Russian Threat Group Targeting Government and Defense Industries*New DeadBolt Ransomware Targets QNAP Devices, Demands 50 BTC for Master Key*Initial Access Broker Attack VMware Horizon Servers in Log4Shell Attacks*Canadian Government Hit by Cyberattack, Few Services Disrupted*Threat Actors Hacked Segway Store to Steal Customers' Credit Card Data*Emotet Spam Campaign Using Unconventional IP Address to Evade Security Detections*Phishing Campaign Employing Malicious PowerPoint Files to Push Malware*Threat Actors Now Actively Targeting a Patched Critical SonicWall RCE Bug*Two CWP Bugs Allow Code Execution as Root on Linux Servers*Android Malware BRATA Strikes Back with Enhanced Features, Wipes Device After Stealing Data*Hackers Encrypted Belarusian Railway's Internal Servers in Protest*Researchers Identified a New UEFI Firmware Implant in Cyberattacks*Hackers Backdoored Over 90 WordPress Themes, Plugins in Supply Chain Attack*Researchers Uncover 2 Flaws in Zoom Software, Resulting in Zero-click Attack*SonicWall Provides Temp Fix For Firewalls Stuck in Reboot Loop*CISA Discloses New 17 Vulnerabilities Exploited in Attacks*Threat Group Molerats Targeting Middle East in Cyberespionage Campaign*McAfee Agent Update Fixes Two High-Severity Vulnerabilities*F5 Patches 24 Vulnerabilities in its BIG-IP, BIG-IQ, and NGINX Controller API Products*Dutch National Cybersecurity Centre Warns of Lingering Log4j Threats*WordPress Plugin Flaw Puts Users of 20,000 Sites at Phishing and Code Injection Risk*Several Spyware Campaigns Stealing Credentials in Industrial Firms*DoNot Hacking Group Targeting Government and Military Entities in South Asia*Indonesia's Central Bank Discloses Ransomware Attack, Conti Leaks Data*Cisco Flaws Provide Remote Attackers Root Privileges via Debug Mode*Red Cross Cyberattack Leaks Data of 515,000 Individuals*SolarWinds Patches Serv-U Vulnerability Exploited for Log4j Attacks*Russian Attackers Employing Subscription-based Malware Service to Deploy Malware*Scammers Impersonating United States Department of Labor in Phishing Campaign*A New Stealthy Malware Targeting Users' Cryptocurrency Wallets and Passwords*Researchers Discloses a Critical Flaw in SAP NetWeaver AS ABAP and ABAP Platforms*Critical Flaw in IDEMIA Biometric Identification Devices Enable Unauthorized Access*Large-scale Phishing Campaign Targeting Renewable Energy Firms*Researchers Link New White Rabbit Ransomware to FIN8 Hacking Group*Earth Lusca Hackers Targeting High-Value Targets in Government and Private Sectors*Microsoft Issues Emergency Patches for Windows Server, VPN Bugs*Fashion Giant Moncler Discloses Data Breach Post Ransomware Attack*Microsoft Warns of Fake Ransomware Targeting Ukraine in Data-wiping Attacks*High-Severity CSRF Flaw in 3 WordPress Plugins Affected 84,000 Websites*Nintendo Warns of Phony Sites Pushing Fake Switch Discounts*eNom Data Center Migration Process Knocks Sites Offline*Zoho Patches a Critical Security Flaw in Desktop Central*An Undisclosed npm Dependency Flaw Affected Facebook's Create React App*Vulnerable Apple Safari Browser Allows Hackers to Track User Activity*Cybercriminals Abusing Public Cloud Infrastructure to Distribute Several RAT's*Goodwill's E-commerce Platform 'ShopGoodwill' Suffers Data Breach*Cisco Patches a Critical Bug Affecting Unified CCMP and Unified CCDM*Qlocker Ransomware Returns to Target QNAP NAS Devices Globally*Defense Contractor Hensoldt Discloses a Ransomware Attack*Massive Cyber Attack Knocks Down Several Ukrainian Government Websites*North Korean Hackers Stealing Millions from Cryptocurrency Startups Globally*Financially Motivated Hacking Group Targeting Cryptocurrency Startups*Threat Actors Compromised FIFA 22 Accounts Using Social Engineering Techniques*AWS Patched Security Vulnerabilities that Exposed AWS Customers' Information*Sentinel LABS Released an Unofficial Patch for Privilege Escalation Vulnerability, affecting all Windows Devices*OceanLotus Threat Group is using Web Archive Files to Install Backdoors*Magniber Ransomware Gang now Utilizing Signed APPX Files in Attacks*Microsoft Patched Critical Flaw in Windows HTTP Protocol Stack*Apple Fixed a Persistent Denial of Service (DoS) Flaw Dubbed 'doorLock'*Ransomware Operators Leveraging Log4Shell Exploit to Infect VMware Horizon Systems*Microsoft Patch Tuesday Security Advisory - January 2022*New SysJoker Backdoor Actively Targeting Windows, macOS, and Linux Users*Threat Actors Deploying New RedLine Malware Via Fake Omicron Stat Counter App*KCodes NetUSB Kernel Module Bug Affects Millions of Routers Globally*CISA Warns Federal Agencies of Ancient Flaws Still Being Exploited*Threat Actor Group 'Patchwork' Infecting Users with Ragnatela Malware*Researchers Link 'Abcbot' Botnet Operation to Xanthe Cryptomining Botnet Operators*Threat Actors Targeting Cybersecurity Researchers and Developers in Malware Campaign*State Hackers Employ New PowerShell Backdoor in Log4j Attacks*Vulnerable Open-Source NPM Libraries 'colors' and 'faker' Breaks Thousands of Apps*Linux Version of AvosLocker Ransomware Encrypting VMware ESXi Servers*Researchers Discovered Security Flaw like Log4Shell in H2 Database Console*A New 'Night Sky' Ransomware Targeting Corporate Companies*Microsoft Warns of Persistent Attacks Leveraging Apache Log4j Flaws*Y2K22 Bug Hits SonicWall's Email Security, Firewall Products*Hackers Employ BadUSB to Target Defense Firms with Ransomware*NHS Warns of Unknown Hacker Group Exploiting Log4Shell in VMware Horizon*FluBot Malware Operators Targeting Europe Posing as Flash Player App*FinalSite Hit by a Ransomware Attack that Disrupted Thousands of Schools*QNAP Warns of Attacks Targeted at Internet-exposed NAS Devices*North Korean Hacker Group "Konni" Attacks Russian Foreign Ministry*Credential Stuffing Attacks Impact 1.1 Million Users at 17 Companies*US Online Pharmacy "Ravkoo" Suffers Data Breach Post AWS Portal Hack*Hackers Abusing Google Docs Commenting Feature to Drop Malware*FBI Warns of an Ongoing Google Voice Authentication Scams*Microsoft Releases an Emergency Update to Address Windows Remote Desktop Issues*Threat Actors Injecting Web Skimmer Code to Steal Sensitive Information*U.S. Cellular Disclose Data Breach Post Billing System Hack*Hospitality Chain McMenamins Suffers Data Breach Post Ransowmare Attack*Apple iOS Vulnerable to Denial of Service Flaw "doorLock"*Broward Health Company Discloses a Data Breach, 1.3 Million Individuals Affected*Threat Actors Deploying Purple Fox Malware via Malicious Telegram Installers*Microsoft Release a Temporary Fix to Address Exchange Server Flaw*Kyoto University Loses 77TB of Research Data due to Backup Error*Netgear Leaves Six High Severity Vulnerabilities Unpatched in Nighthawk Router*PulseTV Discloses Data Breach of 200,000 Credit Cards*Researcher Discloses a Security Flaw in Uber's Email System*New iLOBleed Rootkit Wiping Data from Compromised HP Enterprise Servers*AvosLocker Ransomware Group Releases Decryptor Post Breaching US Police*Firmware Attack May Drop Persistent Malware in Hidden SSD Area*Chinese APT Hackers Employ Log4Shell Flaw to Attack an Academic Institution*Prominent Crypto Trading Platform, ONUS Suffers Ransomware Attack via Log4j Hack*Storage Devices of Several Vendors Impacted by Encryption Software Bugs*Norwegian Media Giant Amedia Suffers Disruption Due to Cyberattack*Researchers Disclose New Autom Cryptomining Malware Attacks Using Upgraded Evasion Tactics*Apache Releases Log4j 2.17.1 to Address a Remote Code Execution Bug*RedLine Malware Stealing Passwords Saved in Chromium-based Web Browsers*BlackTech Cyber-espionage APT Targeting Japanese Companies Using Flagpro Malware*Threat Actors Attempted to Compromise LastPass Users Master Passwords*Researchers Identify Infiltration of Riskware Apps on Samsung's Galaxy Store*Threat Actors Actively Abusing MSBuild for Cobalt Strike Beacon Execution*Photo Services Giant Shutterfly Hit by Conti Ransomware Attack*ech0raix Ransomware Group Actively Scanning for Vulnerable QNAP NAS Devices*Pirated 'Spiderman: No Way Home' Movie Torrent Delivers Crypto-Mining Malware*Several Vulnerabilities in Garrett Metal Detectors Let Hackers to Alter Configurations*Global IT Services Provider Inetum Suffers Ransomware Attack*Android Banking Trojan Spreads via Bogus Google Play Store Page*Blackmagic Patches Critical DaVinci Resolve Code Execution Flaws*Dridex Operators Targeting Covid-19 Victims via Omicron Phishing Taunts*Monongalia Health System Suffers Email Breach, Affecting 400,000 Individuals*NVIDIA and HPE Patches Apache Log4j Library Vulnerabilities in its Products*Researchers Disclose a New Variant of Babuk Ransomware*New Dell BIOS Updates Results in Laptops and Desktops Boot Issues*Apple Patches macOS Security Flaw Behind Gatekeeper Bypass*Researchers Uncover New Phishing Campaign Aimed at CoinSpot Crypto Exchange*Threat Actors Deploying Stealthy BLISTER Malware on Windows Devices*Pro Wrestling Tees Discloses Data Breach, 31,000 Customers Info Compromised*Apache Patches Two Severe Security Vulnerabilities in its HTTP Server*Microsoft Azure App Service Bug Exposes Customers Source Code Repository*CISA, FBI and NSA Releases Joint Advisory and Scanner for Log4j Vulnerabilities*Chinese-speaking Espionage Group Targeting Government and Transportation Sectors*Researchers Identify Stealthy Backdoors in Auerswald's COMpact 5500R PBX's Firmware*All Mobile Phone Generations Since 2G Vulnerable to Newly Identified Mobile Network Vulnerabilities*FBI: Threat Actors Actively Exploiting New Zoho Zero-Day Since October 2021*Over 820,000 Vulnerable WordPress sites are Exposed to Attacks*PYSA Ransomware Group was Behind Major Attacks in November 2021*Scammers Impersonate Pharmaceutical company 'Pfizer' in Phishing Attacks*Sony Life Insurance Employee Arrested for Stealing $154 Million Dollars*Hackers Taking Over Vulnerable Windows Domains via Elevation of Privilege Vulnerabilities*Researchers Suspect 'Cytrox' for Distributing 'Predator' Spyware on iPhones*Cyber Criminals Infected U.S. Federal Agency's Network with Backdoor*Malicious Android App Distributes New Joker Malware, Infected Over 500,000 Android Users*Hackers Distributing New Stealthy DarkWatchman Malware through Phishing Emails*Threat Actors Revived TellYouThePass Ransomware in Linux, and Windows Log4j Attacks*Threat Actors Exploiting Log4j Vulnerability to Deploy Dridex Banking Malware*Western Digital Urges Users to Upgrade their My Cloud Devices*Logistics Firm "Hellmann" Warns Users of BEC Emails Post Ransomware Attack*Threat Actors Infected Over 35,000 Computers in 2021 Using a New PseudoManuscrypt Malware*Threat Actors Targeting Spider-Man Franchise Fans with Credit-Card Harvesting*VMware Patches a Critical Flaw in Workspace ONE UEM*Phorpiex Botnet Surfaces Again with a more Sophisticated Variant*Khonsari Ransomware Group Targeting Self-Hosted Minecraft Servers*Apache Issues a New Patch to Fix 3rd Log4j Vulnerability*Researchers Suspect New Attack Vector Identified in Log4j Exploits may Expand the Attack Surface*Iranian State-Sponsored Hacker Abused Slack API to Steal Asian Airline Data*US Prominent Brewery and Hotel chain "McMenamins" Hit by a Conti Ransomware Attack*Log4j Hackers Switch to Injecting Monero Miners via RMI*Credit Card Skimmers Targeting Ecommerce Sector via Magecart Attacks*DDoS Mitigation Service Provider "Cloudflare" Suffers Widespread Latency and Timeouts*A New Espionage Campaign Targeting Telecom Organizations in Middle East and Asia*Hackers Steal Microsoft Exchange Credentials Using Backdoor "Owowa "*Threat Actors Begin Exploiting Second Log4j Vulnerability as a Third Flaw Emerges*Apple Releases an iOS Update for Remote Jailbreak Exploit*PyPi Removes 3 Python Packages Suspected of Dropping a Trojan on Victim Systems*Virginia Information Technology Agency Suffers Ransomware Attack*Workforce Management Solutions Provider, Kronos Suffers Ransomware Attack*Over 300,000 MikroTik Devices Still Vulnerable to Remote Hacking Flaws*AWS Suffers Second Outage in this Month, Impacts Twitch, Zoom, PSN, Hulu, others*Vulnerabilities in Wi-Fi and Bluetooth Chips Enable Hackers to Steal Passwords*Researchers Identify "ALPHV" as the Most Sophisticated Ransomware in 2021*Threat Actors Actively Exploiting Log4Shell Vulnerability to Deliver Malware on Vulnerable Machines*Partially Fixed Dell Computer Drivers Still Vulnerable to Windows Kernel-level Attacks*Threat Actors Targeting German E-Banking Users via New Phishing Campaigns*Volvo Cars Suffers Ransomware Attack, R&D Information Exposed*Researchers Link 'XE Group' to Eight Years of Credit Card Theft*Apache Foundation Releases a Security Patch for Second Log4j Vulnerability*Microsoft Patch Tuesday Security Advisory - December 2021*Mojang Studios Publishes an Emergency Minecraft Update Amid Critical Log4j Vulnerability Exploits*Threat Actors Dropping Agent Tesla Malware Using PowerPoint Macros in On-going Phishing Campaigns*Hackers Employ Known Info-stealing Malware "TinyNuke" Targeting French Users*Researchers Disclose Building Blocks of Widely Active Qakbot Banking Trojan*AWS Discloses the Cause Behind the Recent Massive Outage*Researches Disclose an Active Campaign Exploiting Over Vulnerable 1.6 Million WordPress Sites*17 Malicious NPM Packages Let Attackers to Steal Discord Tokens*Google Pushes Emergency Chrome Update to Fix Zero-day in its Chrome Browser*South Australian Government Data Breach Expose Over 80,000 Employees Info*Threat Actors Targeting Enterprises Using New Zero-day Exploit for Log4j Java Library*StrongPity Hacking Group Pushing Malware Using Malicious Notepad++ Installers*Dark Mirai Botnet Actively Targeting Unpatched TP-Link Routers*Hackers Targeting US Universities via Office 365 Phishing Campaigns*Vulnerable Hikvision's IoT Devices Targeted by Moobot Botnet*Emotet Malware is Now Installing Cobalt Strike Directly on Infected Devices*Fujitsu Cites the Breach on Japanese Ministries' on Stolen ProjectWEB Credentials*Cox Communications Disclose Data Breach Post Hacker Impersonates Support Agent*SanDisk SecureAccess Flaw Enables Brute Force Attacks Against Vault Passwords*Google Fixes High Severity Use-After-Free Vulnerabilities in its Chrome Browser*SolarWinds Hackers Targeting Government and Business Organizations Worldwide*Phony KMSPico Software Stealing Victims' Cryptocurrency Wallets*Hackers Employ Fake 'Spam Notification' Phishing Emails to Steal Microsoft Credentials*SonicWall Patches Several Security Flaws in its SMA 100 Series Appliances*Grafana Patches a Zero-day Flaw Post Exploits Spread Over Twitter*Popular Cloud Service Providers Affected by Multiple Vulnerabilities in Eltima SDK*AWS Suffers Outage, Impacts Ring, Netflix, and Amazon Deliveries*QNAP Warns Users to Secure NAS Devices Against Bitcoin Miner*Conti Ransomware Strikes Scandinavian Hotel Group "Nordic Choice"*Hundreds of SPAR Stores Suffer Massive Outage in Northern England*BitMart Cryptocurrency Exchnage Loses $200 Million Worth of Cryptocurrency Tokens Post Hack*Microsoft Seizes Domains Used by APT15 Chinese State Hacker Group*Researches Disclose 17 Malicious Frameworks Used to Attack Air-Gapped Networks*Pakistani Threat Actor "SideCopy" Targeting Indian and Afghan Governments*Malvertising Campaigns Distributing Backdoors and Malicious Chrome Extensions*Threat Actors Distributing Android Banking Malware "BRATA" via SMS Phishing Campaign*Researchers Disclose 14 New XS-Leaks Attacks on Well-known Web Browsers*Finland's National Cyber Security Centre Warns of New Android Banking Malware Campaigns*Threat Actors Employing RTF Template Injection Method in Phishing Campaigns*Phishing Actors Actively Exploiting Users Via Omicron Themed Phishing Campaign*Zoho Patches a Critical ManageEngine Bug Exploited in Wild*Pegasus Spyware Reportedly Hacked iPhones of U.S. State Department and Diplomats*Scammer Sentenced for Stealing Millions of Dollars of Cryptocurrencies via SIM Hijacking*Threat Actors Promoting a Malicious Android App to Steal Malaysian Bank Credentials, and MFA Codes*BlackByte Ransomware Group Exploiting Proxy-shell Flaws to Deploy Web-shells on Vulnerable Microsoft Exchange Servers*New Malware "NginRAT" Actively Targeting E-commerce Servers*Planned Parenthood LA Discloses Data Breach Post Ransomware Attack*Threat Actors Spreading Emotet via Fake Adobe Windows App Installer Packages*Four Android Banking Trojans Infected Over 300,000 Android Devices in 2021*Mozilla Patches a Critical Flaw in its Cross-platform Cryptography Library*TrickBot Malware Authors Employing New Ways to Evade Detection*Russian Threat Actors Employing Babadeda Crypter to Evade Detection*Hardware Giant "HP" Patches 8-year-old Critical Flaws in its Multi-functional Printers*Ohio-based DNA Testing Firm "DNA Diagnostics Center" Discloses Data Breach, Impacting 2.1 Million People*'Sabbath' Ransomware Operators Target Critical Infrastructure in US and Canada*North Korean Defectors and Journalists Targeted by a New Chinotto Malware*Threat Actors Utilizing Compromised Google Cloud Instances to Mine Cryptocurrency*Marine Services Provider "Swire Pacific Offshore" Suffers Ransomware Attack*Threat Actors Hide New Linux Malware Payload in Cron Jobs to Steal Credit Card Data*Stealthy Hacker Group "WIRTE" Targeting Governments in the Middle East*Researchers Warn of Attacks Targeting Recently Patched Apache HTTP Server Vulnerability Exploited in Wild*Japanese Multinational Conglomerate "Panasonic" Discloses Data Breach Post Network Hack*Furniture Retail Giant IKEA Email Systems Hit by Ongoing Cyberattack*Researchers Disclose New Zero-day Vulnerability in Windows 10 Mobile Device Management Service*APT C-23 Hackers Targeting Target Middle East Users Using New Android Spyware Variant*Researchers Uncover a New Stealthy JavaScript Malware Dropping Several Windows based RATs*Iranian Threat Actors Exploiting Microsoft MSHTML RCE Flaw to Steal Google, Instagram Credentials*Advanced Hacking Group Targeting Biomanufacturing Industries Via New Malware Variant*Researchers Linked North Korean Attackers to Several Credential Theft Campaigns*Malicious Python Libraries Steal Discord Tokens and Install Reverse Shells*PHP Deserialize Bug in CloudLinux Imunity360 May Lead to Remote Code Execution*"RedCurl," A Corporate Cyber Espionage Threat Group Strikes With New Hacking Tools*Cisco Patches a High Severity Bug in its Cisco ASA and FTD Firewalls*MediaTek Chips Bugs Affect 37% of All Smartphones and IoT Globally*VMware Patches Multiple Vulnerabilities in its vCenter Server and Cloud Foundation*Over 6 Million Sky Routers Vulnerable to Takeover Attacks for 17 months*New Android Banking Malware ‘SharkBot’ Hitting Targets in U.S., UK and Italy*North American Wind Turbine Giant "Vestas" Suffers a Data Breach*Iran Airlines "Mahan Air" Hit By Cyber Attack*Threat Actors Actively Exploiting New Windows Installer Zero-day Flaw*US SEC Alerts Investors About Ongoing Impersonation Attacks*Utah Medical Center Suffers Data Breach; 582k Patients Info Stolen*Threat Actors Hacking Vulnerable Microsoft Exchange Servers to Hijack Internal Email Chains*GoDaddy Suffers Data Breach Affecting 1.2 million Customers*Android Malware BrazKing Back with New Stealthy Techniques*Threat Actors Abusing Glitch Cloud Service to Host Short-lived Phishing Websites*APT Group Exploiting FatPipe VPN Zero-Day Bug Since May 2021*Vulnerable eCommerce Sites Allow Hackers to Deploy a New Linux Backdoor*Attackers Employing Domain Fronting Technique to Evade Malicious Traffic*Attackers Distributing Emotet Malware in New Spam Campaigns*Netgear Fixes Pre-Authentication Buffer Overflow Bug which Affects various Products*New TikTok Phishing Attack Targeting Influencers’ Accounts*Emotet Botnet Returns Using TrickBot Malware*Microsoft Released Emergency Updates to Fix Windows Server Authentication Issues*NPM Patched Private Package Names Leak and Serious Authorization Flaw*New Release Google Chrome 96 Shatters Twitter and Discord Web Apps*WordPress Sites are Targeted to Display Fake Ransomware Notes*High Severity Flaws Discovered in BIOS Firmware Affects Various Intel Processors*Hackers Actively Targeting Alibaba ECS Instances to Deploy Cryptojacking Malware*Lazarus Attackers Targeting Security Researchers with Trojanized IDA Pro Application*Attackers Hacked FBI Email Servers to Distribute Spam Campaign*American Retail Giant 'Costco' Reveals Data Breach After Identifying Credit Card Skimmer*A Zero-Day Flaw in the Windows User Profile Service Gets Free Unofficial Patch*BotenaGo Malware Targeting Millions of Routers and IoT Devices with 33 Exploits*TrickBot Hackers Abused Microsoft's App Installer in Spam Campaigns*WP Reset PRO Plugin Enables Attackers to Hijack Websites*Netflix, Instagram, and Twitter Users are Targeted by New Android Malware*TeamTNT Cybercrime Group Actively Targeting Vulnerable Docker Servers*German Medical Software Company Medatixx Hit by Ransomware Attack*Palo Alto Addresses Multiple Vulnerabilities in PAN-OS*Clop Ransomware Gang is now Exploiting SolarWinds Serv-U flaw in Attacks*Zombie-themed Phishing Emails Infecting Users with MirCop Ransomware*A New Variant of Mekotio Banking Trojan Spotted in the Wild*Microsoft Patch Tuesday Security Advisory - November 2021*Microsoft Warned Admins to Patch Exchange Server Vulnerability*Cisco Patches Hard Coded Credentials and Default SSH Key Issues in its Catalyst PON Switches*Researchers Disclose a Critical RCE Vulnerability in Linux Kernel's TIPC Module*Scammers Harvesting Microsoft O365, Google Logins Via Fake Proofpoint Emails*Researchers Disclose Two Critical SQL Injection Flaws in Philips Healthcare Informatics Solution*Prominent Stock Trading Platform "Robinhood" Suffers a Data Breach*Electronics Giant "MediaMarkt" Hit by Hive Ransomware Attack*Threat Actors Actively Targeting Patched Sitecore XP RCE Flaw*Central Depository Services (India) Limited Discloses a Data Breach*Babuk Ransomware Deployed via Microsoft Exchange ProxyShell Vulnerabilities*New Android Rooting Malware "AbstractEmu" Takes Over Mobile Phones Via Root Access*CISA Discloses a Catalog of Known Exploited Vulnerabilities for Multiple Products*UK Labour Party Discloses a Data Breach Post Ransomware Attack*Critical Flaw in Cisco Policy Suite's Hardcoded SSH Key Lets Remote Hackers Gain Root Access*US Defense Contractor Electronic Warfare Associates (EWA) Suffers Data Breach*Google Patches Actively Exploited Kernel Bugs in its Android November Patch*Microsoft Suffers Outage, Blocks Access to Onedrive and Sharepoint Files*Over 30,000 Unpatched GitLab Servers Vulnerable to Already Patched Critical RCE Flaw*Over 1.6 Million Devices in China Infected by Pink Botnet*Researchers Uncovered Multiple Critical Flaws in Pentaho Business Analytics Software*Threat Actors Used Kaspersky's Stolen Amazon SES Token in Office 365 Phishing Campaigns*Threat Actors Distributing Chaos Ransomware via Fake Minecraft 'alt list' Text Files*Threat Actors Deploying Snake Infostealer Malware Via Phishing Emails*Iranian Hackers Breach Israeli Web Hosting Provider"Cyberserve"*Canadian Province Health Care System Hit by Cyberattack*Researchers Disclose New Spook Ransomware Built on Prometheus Code Exposing All Victims*Pirated Sports Streamer Hacked Major American Sports Leagues and Tried to Extort MLB for $150,000*Hive Ransomware Group Launches New Variants Capable of Encrypting Linux and FreeBSD Devices*Israeli Internet Firm Hit By Ransomware Attack Led By Iranian Hackers*UMass Memorial Health Care Center Suffers Data Breach*Google Fixes the Flaw Causing Chromebooks Failing to Enroll Devices*Google Patches Two Zero-Day Bugs in Chrome Browser*macOS Flaw Allow Hackers to Deploy Rootkits*WordPress's OptinMonster Plugin Flaw Allow to Hijack Sites*Threat Actors Targeting YouTubers’ in Phishing Campaigns*Cybercriminals Delivering Ransomware via Malicious NPM Packages*Apple Fixed 22 Security Flaws in iOS and iPadOS Devices*Iranian Gas Station Hit by a Cyberattack*Hackers Employing a New Squirrelwaffle Malware In Spam Email Campaigns*Attackers Used a New Yanluowang Ransomware in Targeted Attacks*Russian Attackers Delivering Malicious Documents in Phishing Campaign*WordPress Plugin Flaw can Lead to Complete Takeover of Vulnerable Sites*South Korea's Telecommunications Firm 'KT Corporation' Suffers Nationwide Outage*CISA Advised to Fix Critical Flaw in Discourse Software*Attacker Hijacked NPM Library to Compromise Windows and Linux Devices*macOS Malware Utilizes New Evasion Techniques*New PurpleFox Backdoor Uses WebSockets for C2 Communication*SCUF Gaming International Suffers Data Breach: 32,000 Customers Affected*Attackers Distributing Malware Through Korean Webhard and Torrent Websites*New Threat Group Targeting South Asian Organizations Using Custom Malware*Chinese Attackers Exploited Windows Zero-Day Vulnerability in Cyberattacks*FBI Alerts on Fake Govt Sites Used to Steal Sensitive Information*Telecommunications Company 'Sinclair Broadcast Group' Hit by Ransomware Attack*The University of Sunderland Hit by Cyberattack*Olympus US Systems Hit by Cyberattack*Ecuador's Largest Bank 'Banco Pichincha' Hit by Cyberattack*Microsoft Fixed Compatibility Issues in Windows 11 KB5006674 Cumulative Update*Attackers Using Math Symbols in Phishing Campaigns*Microsoft Azure's Customer Hit by Largest DDoS Attack*Microsoft Patch Tuesday Security Advisory - October 2021*Apple Fixes a Zero-day Flaw in an Emergency iOS 15.0.2 Update*Google Fixes Four High-Severity Flaws in its Chrome Browser*American Pacific City Bank Hit by AvosLocker Ransomware Attack*Threat Actors Targeting Linux Devices Using New FontOnLake Rootkit*Ransomware Group FIN12 Aggressively Attacking Healthcare Sectors*Cox Media Group Discloses a Data Breach Post Ransomware Attack*Threat Actors Impersonating "QuickBooks" in Ongoing Phishing Campaigns*Global Brewery Firm BrewDog Exposes 200,000 Customers Sensitive Information*Researchers Disclose New Android Malware Infecting Android Mobiles*Telecommunication Firm 'Syniverse' Discloses a Database Breach*Microsoft Patched Flaw Prevent Security Updates for Azure Virtual Desktops*Apache Emergency Update Patched Incomplete Fix for Actively Exploited Bug*Researchers Disclose UEFI Bootkit Exploiting Windows Systems Since 2012*Live Streaming Platform 'Twitch' Suffers Massive Data Leak*APT Group "ChamelGang" Targeting Fuel, Energy, and Aviation Industries*Researchers Disclose Multiple Critical Flaws in Honeywell Experion PKS and ACE Controllers*Apache Patches a Zero-Day Vulnerability in its Web Server*The Telegraph Suffers Massive Data Breach;10 TB Database Leaked*Researchers Link Disparate Malware Attacks to Chinese Cyber-espionage Group*Unknown Ransomware Gang Encrypting VMware ESXi Servers Using Python Script*Industry Publication Giant Sandhills Global Hit by a Ransomware Attack*Misconfigured Apache Airflow Servers Leak Credentials*New Atom Silo Ransomware Group Targeting Unpatched Confluence Servers*An Unpatched Flaw Enables Contactless Payments From Locked iPhones*Threat Actors Targeting Commerzbank Customers Via New Malware Campaign*Hackers Steal Cryptocurrency from Coinbase Customers Using MFA Flaw*Threat Actor Group "GhostEmperor" Backdooring Windows 10 Systems Using a Rootkit*WhatsApp, Instagram and Facebook Suffers Massive Outage Due to a Configuration Error*Google Fixes Two Zero-Day Flaws in its Chrome Browser*Hackers Spreading Flubot Android malware Via Fake Security Updates*QNAP Patches 3 High-severity Stored Cross-site Scripting (XSS) Flaws Affecting NAS Devices*MoneyLion Discloses a Data Breach Post Credential Stuffing Attacks*Neiman Marcus Discloses a Massive Data Breach; 4.3 million Users Affected*Fake Amnesty International Pegasus Antivirus Affects Windows Systems*JVCKenwood Hit by CONTI Ransomware Attack*Threat Actors Hijack Windows Boot Manager With UEFI Bootkit*Microsoft Warns of Cyber Attacks Targeting Active Directory FS Servers*Hackers Draining Brazil's PIX Payment System Users' Bank Accounts*Researchers Linked New Tomiris Backdoor to Hackers Behind SolarWinds Cyberattack*Giant Trucking Company "Forward Air" Suffers Data Breach*Microsoft Suffers MFA Outage; Access to Microsoft 365 Services Blocked*Threat Actors Distributing a New Jupyter Malware Version Via MSI Installers*Threat Actors Stealing Financial Data from 378 Banking and Wallet Apps Via "ERMAC" Malware*Multiple Cyberattack Campaigns Abusing Atlassian Confluence RCE Flaw*Colossus Ransomware Hits Prominent Automobile Company in the USA*Twitter Web Client Suffers Worldwide Outage*Threat Actor Targets Indian Government With Commercial RATs Via Operation Armor Piercer Campaign*QNAP Patches Two Critical Flaws in its QVR Software*Prominent Communications Provider "Bandwidth.com" Hit By a DDoS Attack*New Malware 'BloodyStealer' Targeting Popular Gaming Platforms*Google Fixes High-Severity Zero-Day Flaw in its Chrome Browser*Researcher Discloses Exploit Codes for 4 iOS Zero-Day Flaws on GitHub*Microsoft Warns Organizations About a Wide-Scale Phishing-as-a-Service Operation*Colombian Real Estate Firm "Coninsa Ramon" Suffers Data Breach*Scammers Targeting US, Canada Users Via New Android Malware*SonicWall Patches a Critical Vulnerability in its SMA 100 Series Products*Threat Actors Deploying Web Shells Via Nagios RCE Vulnerabilities*Researchers Disclose a Remote Code Execution Flaw in AWS WorkSpaces*Netgear Patches a Remote Code Execution Vulnerability in its Routers*Threat Actors Employing BitRAT to Target South American Organizations via Spam Campaigns*Cisco Patches Three Critical Flaws in its IOS XR Software*Apple Patches a Zero-day Flaw Used to Hack iPhones and Macs*Threat actor Group "FamousSparrow" Breaching Hotels Worldwide Via ProxyLogon Exploits*Cyber Criminals Deploying Rootkit Via a New Bug in Microsoft Windows*Threat Actors Targeting Organizations in Latin America Via a New Banking Trojan*Threat Actors Employing New Malware Campaigns to Mine Cryptocurrency*Cring Ransomware Group Actively Exploiting Decade-Old Patched ColdFusion Vulnerabilities*Microsoft Exchange's Autodiscover Flaw Leaks 100K Windows Credentials*Russian Threat Actors Deploying TinyTurla Malware as Secondary Stage Backdoor*VMware Fixed Critical Arbitrary File Upload Vulnerability in its vCenter Server*Researchers Disclosed a New Zero-Day Vulnerability in macOS Finder*Republican Governors Association's Server Breached Via Microsoft Exchange Cyberattack*US Farmer Cooperative Suffered a BlackMatter Ransomware Attack*Over 1.4 Million COVID-19 Test Results From Multiple Hospitals Exposed in Paris*Scammers Sending Spam Emails to Promote Elon Musk-themed Cryptocurrency Scam*VoIP.ms Hit By a DDoS Attack; Multiple Services Impacted*AMD Patches An Information Disclosure Flaw in its Chipset Driver*Prominent Integration Service Provider, Travis CI Patches a Critical Security Flaw*Researchers Uncovered Phishing Campaign "Operation Layover" Targeting Aviation Industry*Threat Actors Deploying New Malware to Compromise Windows Subsystem for Linux Environment*Tamil Nadu Public Department Hit by Ransomware Attack*Netgear Patches Third Critical Bug in its Smart Switches*Microsoft Patches a Critical Flaw in Open Management Infrastructure Affecting Azure Cloud Services*Adobe Patches 36 Critical Vulnerabilities in its Products*Threat Actors Impersonate US Department of Transportation to Steal Microsoft Credentials*South Africa's Justice Ministry Suffers Ransomware Attack*Microsoft Warns of Information Leakage Vulnerability in Azure Container Instances*Cyber Criminals Deploying New Linux Cobalt Strike Beacons in Ongoing Cyber Attacks*Nitro Software Patches a Remote Code Execution Flaw in its Nitro Pro PDF*Threat Actors Spreading New ZLoader Malware Through Fake TeamViewer Installer*Millions of Computers Affected by HP Omen's Privilege Escalation Bug*Microsoft Patch Tuesday Security Advisory - September 2021*Telecommunications Provider "MyRepublic" Suffers Data Breach*New Android Banking Trojan Dubbed "S.O.V.A" Emerges With Growing Capabilities*TeamTNT Hacking Group Stealing Credentials Using New Open-Source Tools*Apple Patches Zero-click iPhone Exploit Deploying Pegasus Spyware*Google Patches 2 Zero-day Flaws in its Chrome Browser*“FudCo” Spam Empire Linked to Pakistan-based Software Firm*Howard University Suffers Ransomware Attack Leading to Network Shutdown*Threat Actors Targeting Kurdish Ethnic Group Via Mobile Spyware Attacks*New Windows 0-Day Attack Targeting Users Via Weaponized Office Documents*Meris Botnet Launches a 22 Million RPS DDoS Attack*Cisco Patches Multiple High-Severity Flaws in its IOS XR Software*Threat Actors Leaked 500,000 Fortinet VPN Credentials On Hacking Forum*Zoho Patches Critical Vulnerability in its ManageEngine ADSelfService Plus Solution*Critical Flaw in HAProxy Result in HTTP Request Smuggling Attack*FIN7 Group Deploying Backdoor Via Windows 11 Alpha-themed Word Documents*Ribbonsoft’s dxflib Library Flaw Allow Attackers to Remotely Execute Commands*New Malware Family Leverages CLFS Log Files to Evade Detection*Threat Actors Hacked Jenkins Project's Confluence Server to Install Monero Miners*NPM, Package Manager Patches a Critical Bug in the Package Pac-Resolver*Microsoft Links SolarWinds Serv-U SSH Zero-Day Attack to Chinese Hackers*Netgear Patches High Severity Bugs in its Smart Switches*Threat Actors Exploiting Confluence Bug to Install Cryptocurrency Miners*Billions of Bluetooth Devices From Multiple Vendors Remain Highly Vulnerable to BrakTooth Flaws*Dallas Public School Suffers Data Breach*Canada Immigration Accepts Additional 7,300 Applications in TR to PR Program Due to a Technical Bug*Cisco Patches Critical Authentication Bypass Flaw in NFV Infrastructure Software (NFVIS)*Over 60,000 Parked Domains Were Vulnerable to Domain Hijacking Attacks*Autodesk Targeted By SolarWinds Hackers Via Sunburst Backdoor*LockFile Ransomware Bypassing Protection Via Intermittent File Encryption*Microsoft Exchange ProxyToken Flaw Allow Attackers to Access User Email Messages*Multiple Vulnerabilities Identified in Fortress S03 Wi-Fi Home Security Systems*Threat Actors Selling a GPU Based Malware Via Hacker Forums*Annke Patches a Stack-based Buffer Overflow Flaw in its Video Surveillance Product*Synology Discloses Open SSL Vulnerabilities Impacting its NAS Devices*Attackers Abusing Proxyware Applications to Monetize Malware Campaigns*QNAP Discloses OpenSSL Flaws Impacting its NAS Devices*New York Credit Union Discloses An Insider Threat; 21GB of Sensitive Data Destroyed*Google App Bug Restrict Users To Make & Receive Calls*Attackers Distributing Phishing Mails Using Open Redirect Links*Researchers Warn Users About Four Emerging Ransomware Groups*FIN8 Threat Group Targeting Financial Institutions Using Sardonic Backdoor*U.S. Based Computer Retail Company Targeted by New SideWalk Backdoor*Critical F5 BIG-IP Vulnerability Affects Customers in Sensitive Sectors*VMware Fixes Four High Severity Flaws in vRealize Operations Manager API*Microsoft Power App Leaks 38 Million Sensitive Data Records Via Misconfigured Tables*Threat Actors Actively Exploiting 15 Vulnerabilities to Hack Linux Systems*Microsoft Warns Customers of Azure Critical Cosmos DB Vulnerability*Cisco Patched a Critical Flaw in its APIC Software*Boston Public Library Suffers System Wide Outage*Cyber Criminals Deploying BazaLoader Malware via Fake DDoS Notifications*Emsisoft Releases Free Decryptor for SynAck Ransomware Victims*Compromised WhatsApp Mod Distributing Malicious Payloads Via Supply Chain Attack*Threat Actors Discreetly Marketing ShadowPad Malware Among Chinese Espionage Groups*NSO Group Deploying Pegasus Spyware Via New Zero-click iPhone Exploit*OpenSSL Vulnerabilities May Be Exploited For Multiple Cyber Attacks*ACROS Security Releases a Micro Patch to Address PetitPotam Flaw*Mozi, an IoT Botnet Targets Network Gateways and IoT Devices*Threat Actors Actively Exploiting Newly Disclosed Realtek SDK Vulnerabilities in the Wild*AT&T Denies Data Breach Post Attacker Auctions 70 Million User Database*Google Discloses Information of Unpatched Windows AppContainer Vulnerability*Cloudflare Thwarts the Largest DDOS Attack Ever Recorded*Microsoft Exchange Servers Under Attack By New LockFile Ransomware*SAC Wireless, A Nokia Subsidiary Discloses Data Breach Post Conti Ransomware Attack*Phishing Campaign Used a XSS Flaw in UPS Website to Distribute Malware*Vulnerable Microsoft Exchange Servers Under Attack Via ProxyShell Vulnerabilities*Attackers Hacked US Census Bureau Servers Using Citrix Vulnerability*Critical Vulnerability Discovered in the Universal Plug-and-Play (UPnP) Service of Multiple Cisco Routers*BadAlloc Flaw Affects BlackBerry's QNX Real-Time Operating System (RTOS)*Chase Bank Suffers Data Leak Via Technical Glitch*Data Exfiltration Attacks Can Bypass Cisco Safety Products*Ransomware Attacks Hit Maine's Rural Sewage Treatment Plants*Memorial Health System, Florida Suffers Ransomware Attack*Attackers Targeting Multiple Users in Mexico via Neurevt Trojan*Adobe Patches Critical Photoshop Security Flaws*Critical Flaw in ThroughTek's Point-to-Point (P2P) SDKs Impacting Million IoT Devices*Fortinet Delays Patching a Zero-day Bug in its Web Application Firewall (WAF)*Multiple Realtek Related Flaws Affecting its Wi-Fi SDKs; Impacting Nearly a Million IoT Devices*Tokio Marine's Singapore Branch Suffers Ransomware Attack*Threat Actors Selling Ficker Info Stealer Malware as a Malware-as-a-Service (MaaS)*Iranian Government-linked Hacker Groups Conducting Cyber Espionage Activities in Israel*Attackers Use 'CAPTCHA' Images to Trick Users into Bypassing Browser Warnings*Brazilian National Treasury Suffers Ransomware Attack*Threat Actors may use Middleboxes Related Flaws for TCP Reflected Amplification*Threat Actors Distributing WarzoneRAT via Compromised WordPress Sites*TA505 Threat Group Installing ServHelper RAT Using New Techniques*Multiple STARTTLS Related Bugs Found in Popular Email Clients*Trend Micro Addresses Wild Zero-Day Vulnerabilities*T-Mobile Suffers Massive Data Breach; 100 Million Customers Data Stolen*The Infamous AlphaBay Darknet Market Has Reopened for Business*Microsoft Spotted Hackers Using Morse Code in Phishing Campaigns to Evade Detection*Threat Actors Employing CAPTCHA Protected Phishing Campaigns*Scammers Impersonating FINRA in an Ongoing Phishing Campaign*Multiple Flaws in Wodify Fitness Platform Allow Hackers to Take Control*New AdLoad Malware Variant Escapes through Apple's XProtect Defence*Ford Flaw Exposed Sensitive Information from Internal Systems*Attackers Can Now Spy On DNS Traffic via Bugs in Managed DNS Services*Intel Releases Patches for High-Severity Flaws in NUC 9 Extreme Laptops, Ethernet Linux Drivers*Cinobi Banking Trojan Targets Cryptocurrency Exchange Users via Malvertising*One Million Stolen Credit Cards Data Leaked on Carding Marketplace*Gigabyte Suffers RansomEXX Ransomware Attack*Microsoft Confirms another Zero-Day Bug in Windows Print Spooler*Accenture Hit by LockBit Ransomware Attack*Attackers Stole Cryptocurrency worth of $600 Million*Researchers Revealed eCh0raix Ransomware Targeting Both NAP and Synology NAS Devices*Microsoft Patch Tuesday Security Advisory - August 2021*Adobe Patched Several Critical Vulnerabilities in its Products*Russian Federal Executive Authorities Targeted by Chinese Threat Actors*Chinese Threat Actors Targeting Prominent Southeast Asian Telecom Firms*Joplin City Suffers from Ransomware Attack*FatalRAT Trojan Exploiting Telegram*New FlyTrap Malware Compromises Thousands of Facebook Accounts*New Chinese Spyware Used in Widespread of Cyber Espionage Attacks*VMware Patches Security Vulnerabilities in Workspace ONE Access and Identity Manager*INFRA:HALT Flaws Affect Embedded TCP/IP Stack Widely Used in OT Devices*Cisco: Firewall Manager RCE Flaw is a Zero-day, Patch Incoming*Go & Rust Languages Affected by Critical IP Address Validation Flaw in "net" Library*New York City Public School's Info Leaked; Officials Confirm*Threat Actors are Actively Exploiting Vulnerable Home Routers*Solarmarker Malware Targeting Healthcare and Education Sectors*Attacker Scanning Microsoft Exchange Servers for ProxyShell Vulnerability*New APT Threat Group Targeting Microsoft IIS Servers*Google Fixed Several High-Severity Security Flaws in Android OS*Linux Variant of BlackMatter Ransomware Encrypting VMware ESXi Machines*New Android Malware Vultur Abuses Accessibility Services*Energy Group ERG Reports Minor Interruptions Post Ransomware Attack*Google Patches Several Chrome Vulnerabilities*New Cobalt Strike DoS Vulnerability Allows Takedown of Attackers’ Servers*Advanced Technology Ventures Discloses a Data Breach Attack*Cisco Patches Pre-Auth Security Flaws in its VPN Routers*Romania Cryptojacking Attackers Targeting Linux Devices*Multiple TransLogic Firmware Vulnerabilities Discovered; Major Impact on North America Hospitals*Italy's Lazio Region Suffers Ransomware Attack*New Meteor Malware Used in Iranian Railway Attack*Multiple Vulnerabilities Patched in WordPress Download Manager*Node.js Patched Severe HTTP Vulnerability*Russians Attackers Compromised Federal Prosecutors Email Accounts*New Vulnerabilities could let Attackers to Compromise Zimbra Server via Email*Researchers Discovered New Haron Ransomware Gang*A New .Stolen Ransomware Deleting Disc Shadow Copies Post Encrypting Disc Drives*LockBit 2.0 Ransomware Uses Group Policies to Encrypt Windows Domains*Attackers Compromised Chipotle’s Marketing Account to Deliver Phishing Emails*Multiple Flaws Discovered in 3 Open-Source Software*DarkSide Ransomware Gang Returns as New BlackMatter Ransomware*Attackers Installing PlugX Malware Variant on Compromised MS Exchange Servers*Northern Ireland Suspends COVID Certificate Service Post Data Breach*Attackers Posed as Aerobics Instructors to Target Employees*APT Attackers Distributed Android Trojan via Syrian E-Government Portal*UC San Diego Health Suffers Data Breach Post Phishing Attack*Oracle Fixes Critical Flaws in its Products*LemonDuck Malware Targeting Windows and Linux Systems*Signal Patches a Critical Flaw in its Android Versions*Apple Patches a Zero-day Flaw Exploited in the Wild*XCSSET MacOS Malware Targets Telegram Accounts and Google Chrome Data*Researchers Disclose 3 Zero-day Flaws in Kaseya Unitrends Backup Solution*Kaseya Gets Universal Decryptor Tool to Help Victims*Critical Security Flaws Reported in Etherpad*Law Firm Campbell Conroy & O'Neil Suffered Ransomware Attack*Malicious NPM Package Steals Chrome Passwords on Windows via Recovery Tool*Federal Agencies Say China Breached Dozens of Pipeline Companies between 2011 and 2013*Akamai Suffers DNS Outage; Prominent Websites and Online Services Across the Globe Impacted*Dell Patches 3 Critical Vulnerabilities in OpenManage Enterprise Service*Atlassian Patches Critical Vulnerability in its Jira Data Center and Jira Service Management Data Center Products*Ecuador's State-run CNT Telco Suffers Ransomware Attack*Juniper Fixed Multiple Flaws in its Products*Attackers Distributing Remcos RAT via Visual Basic*Microsoft Seizes hom*oglyph Domains used in BEC Campaign*Saudi Aramco Suffers Data Breach; 1 TB Stolen Data for Sale*16-Year-Old Bug Impacts Millions of HP, Samsung, Xerox Printers*Bug discovered in Fortinet lets Attackers to run Code as Root*WIFIDemon Leading to Remote Code Execution Attacks on iOS Devices*Magecart Attackers Using Unique Techniques to Avoid Detection*Cisco Patches High Severity Flaw in its ASA & FTD Software Versions*Pegasus Spyware Infecting Prominent Personnel's Mobile Devices Across the Globe*WildPressure APT Targeting Windows and macOS Systems via New Malware Variant*Google Patches Zero-Day Vulnerability in its Chrome Browser*D-Link Fixes Multiple Security Bugs in its DIR-3040 Router Version v1.13B03*Scammers Target Comparis Group Users Post Ransomware Attack*Multiple Vulnerabilities in NuGet Packages Affect .NET Platform*Microsoft Patched Windows Hello Authentication Bypass Vulnerability*Recent ZLoader Malware Attacks Adopt New Macro-Related Delivery Method*Sage X3 Patched Multiple Security Flaws in its Enterprise Resource Planning (ERP) Product*Attackers Spreading BazarBackdoor Malware via Nested RAR and ZIP Archives*SonicWall Warns of Imminent Ransomware Attacks Targeting SMA 100 & SRA VPN Appliances*VMware Fixed Flaws In ESXi and ThinApp Applications*Chinese Hackers Utilizing SolarWinds Zero-Day to Target US Defense Companies*New BIOPASS RAT Live Stream Victim's Computer Screen*Kaspersky Password Manager Generated Passwords used in Brute Force Attacks*Adobe Patch Tuesday Security Advisory - July 2021*Microsoft Patch Tuesday Security Advisory - July 2021*Kaseya Fixed Multiple VSA Bugs Exploited in REvil Ransomware Attack*Flaws in Cisco BPA and WSA could lead to Privilege Escalation Attacks*Mitsubishi Electric Fixed Bugs in Air Conditioner Control Systems*Fashion Retailer Guess Suffers Data Breach Post Ransomware Attack*SolarWinds Patches a Zero-day Flaw Exploited in the Wild*Insurance Firm CNA Suffers Data Breach After Ransomware Attack*Mint Mobile Suffers Data Breach; Hackers Port Victims Phone Numbers*Morgan Stanley Reports Data Breach After Vendor Reports Accellion Hack*Nobelium Hacking Group Reportedly Accessed Microsoft's Customers Support Tools*Crypto Mining Scams Targeting Victims via Fraudulent Android Apps*Malspam Campaign Deploying Cobalt Strike Payloads Posing as Kaseya VSA Security Update*Microsoft Addresses Critical Edge Bug Leading to UXSS Attacks*CISA Discloses 15 Vulnerabilities Affecting Philips Vue Healthcare Products*Pro-Trump Social Media Site "GETTR" Suffers Data Breach*QNAP Patches Critical Flaw in NAS Backup and Disaster Recovery Solution*Insurance Giant AJG Reports Data Breach post a Ransomware Attack*Threat Actor Group Wizard Spider Linked to a New Ransomware 'Diavol'*NETGEAR Patches 3 Critical Bugs in DGN-2200v1 Series Routers*Microsoft Urges Azure Users to Update their PowerShell Tool*Threat Actors Hacked Mongolian Certificate Authority to Deploy Backdoors*Threat Actors Targeting Unpatched Cisco ASA Devices Aggressively Post the PoC Release*Kaseya Suffers Massive Ransomware Attack; Hundreds of Companies around the Globe Affected*Retail Giant Coop Shuts Down 500 Stores Post Kaseya Ransomware Attack*Microsoft Releases Emergency Patch for Windows Zero-day PrintNightmare Vulnerability*Attackers Target Microsoft's Halo Development Servers via Dependency Hijacking*Law Enforcement Officials Seize DoubleVPN Service's Servers*WD Storage Devices Vulnerable to Ongoing Cyber-Attacks*LinkedIn Suffers Data Breach, 700 Million Users Data Exposed*DarkRadiation Ransomware Gang Targeting Linux & Docker Instances*Threat Actors using WIM Files to Bypass Security Solutions via Phishing Emails*Microsoft Signs a Rootkit Malware Disguised as Windows Driver*Unpatched Flaws in PlingStore Apps may Lead to Supply-Chain Attacks*Scammers Impersonating FINRA Support in a New Phishing Campaign*Fortinet Patches 2 Vulnerabilities in its Web Application Firewall (WAF)*High Severity Flaws Found in Vulnerable NVIDIA Jetson Chipsets*Spam Campaign Hides "handwritten" Links in Tinder Profile Images*Pakistan Hackers are Targeting Indian Power Company with ReverseRat*Mercedes-Benz Suffers Data Breach*Multiple Bugs in Dell SupportAssist; Impacts 30 Million PCs*Researchers Discovered Security Vulnerability in 2G Mobile Data Encryption Standard*Conti Ransomware Gang Leaked Tulsa City's Police Citation Documents*Covid-19 tracking app ‘MassNotify’ Auto-installed on Massachusetts Android Phones*VMware Fixed Critical Vulnerability in Carbon Black App Control*A Partially Fixed Bug in SonicWall Affecting 800K Firewalls*Vulnerabilities in Open Design Alliance's SDK Impacting Multiple Vendors*Nuclear Research Agency of South Korea was Hacked Using VPN Flaw*Multiple Vulnerabilities Discovered in Schneider PowerLogic Devices*Zephyr RTOS Patched Multiple Bugs in its Bluetooth LE Stack*Healthcare Giant Grupo Fleury Suffers Ransomware Attack*Palo Alto Networks Fixed Critical Vulnerability in Cortex XSOAR*Microsoft Patched High-Pitched Noise Bug in Windows 10*Threat Actors are Sending Fake Extortion Emails by Impersonating DarkSide Gang*Supermarket Chain Wegmans Suffers Data Breach*Andariel Hacking Group Targeted South Korean Industries with New Malware Campaign*Poland Officials Targeted in Russian Cyber Attacks*Russian Consumer Watchdog Bans VyprVPN & Opera VPN Services*Gelsemium Hackers Target NoxPlayer with Supply Chain Attack*Reproductive Biology Associates Clinic Suffers Ransomware Attack*Critical Flaw in ThroughTek Allows Millions of Cameras to Spy*Newly Discovered iPhone Bug can Disable iPhone's Wi-Fi Functionality*Researchers Warn of SolarMarker Malware Deployed via SEO Poisoning*Attackers Bypass Office 365 MFA in BEC Attacks*Attackers can Access Victim Information via Vulnerability found in Microsoft Power Apps*Instagram Bug Allows Attacker to View Private Accounts Details of the User*Propane Service Provider AmeriGas Discloses Data Breach*Cake Box Suffers Data Breach; Credit Card Numbers of Customers Exposed*Clop Ransomware Gang Suspects are Arrested in Ukraine*Google Patched Zero-Day Bug in Chrome Web Browser*Scammers are Sending Fake Ledger Devices to Steal Cryptocurrency*Thousands of VMWare vCenter Servers are Still Vulnerable to Remote Code Execution Attacks*Apple has Fixed 2 Zero-Day Flaws in iOS Devices*Hackers can Spy on Samsung Mobile Users using Pre-installed Applications*Interpol Removed Multiple Fake Online Pharmaceutical Websites*Spain's Ministry of Labor and Social Economy Suffers Cyberattack*Avaddon Ransomware Group Shuts Down*Food Supply Giant Edward Don Shuts Down Temporarily Due to Ransomware Attack*7-Year-Old Privilege Escalation Polkit Flaw Affecting Linux Devices*McDonald's Discloses Data Breach; Customers and Employee Information Exposed*Audi and Volkswagen Suffers Data Breach; 3.3 Million Customers Affected*Food Giant JBS Pays $11 million to REvil Ransomware Group*Famous Video Game Company Electronic Arts Suffers Data Breach*WAGO Controller Flaws Could Lead to Industrial Process Disruptions*Stolen Login Credential Marketplace Slilpp is Seized by Law Enforcement*Fastly CDN Outage Impacted Multiple Websites*Latest Necro Python Malware has New Exploits and Crypto Mining Capabilities*Phishing Campaign Targets U.S. Financial Industry Regulatory Authority (FINRA)*Memory & Storage Manufacturing Giant ADATA Suffers Ransomware Attack*Microsoft Patched Vulnerability In MSGraph Component*PuzzleMaker Threat Actors Targeting Windows 10 Systems using Chrome Zero-days*STUN Servers Abused for DDoS Attacks*New Siloscape Malware Targets Windows Containers to Access Vulnerable Kubernetes Clusters*Attackers are Actively Targeting Vulnerable VMware vCenter Servers*Google Fixed Multiple Critical Bugs In Latest Android Security Updates*Adobe Patches 41 Vulnerabilities in 10 Products*Intel Fixes 73 Security Vulnerabilities*Microsoft Patch Tuesday Security Advisory - June 2021*EvilCorp Cybercrime Gang Mimics PayloadBIN to Evade US Sanctions*US Truck Manufacturer Navistar Discloses Data Breach*Cisco Patches High-Risk Security Flaws in its Multiple Products*Open Source Application "Have I Been Pwned" Used to Expose Stolen Credentials*Nantucket Steamship Authority Suffers Ransomware Attack*Researchers Disclosed Critical Bug In Realtek Wi-Fi Module*Threat Actors Deploying SkinnyBoy Malware using Malicious MS Word Documents*Threat Actors Bypassing Ransomware Defense in Antivirus Solutions via Whitelisted Applications*Huawei Fixed Privilege Escalation Bug in its USB LTE Dongle*FUJIFILM Suffers Ransomware Attack*North Korean Hacking Operation Targeting South Korea Government Units*Multiple Products from Cisco, Akamai & Linux affected by Vulnerability in Lasso Library*Multiple Vulnerabilities Reported in Industrial Switches from Several Vendors*Swedish Health Agency Shuts Down SmiNet's Database after Multiple Intrusion Attempts*Attackers Exploiting Critical Zero-day Flaw in WordPress Plugin*Researchers Disclosed Two New Attack Techniques which Modifies Certified PDF Document Content*New Phishing Campaign Targeting Walmart Users Discovered*Two Domains Used In Nobelium Phishing Campaign Seized*Food Giant JBS Shuts down Temporarily due to Cyberattack*BazaLoader Campaign Spreading Phishing Emails to Compromise Users Windows System*FBI Reports Attackers are Exploiting Unpatched Fortinet Devices*Researchers Warn of Facefish Backdoor Infecting Linux Devices*New VSCode Extensions Bugs may Lead To Supply Chain Attacks*Siemens Patches a High-severity Memory Protection Bypass in its PLCs*Canada Post Reports Data Breach Post Supplier Ransomware Attack*Threat Actors Distributing Trojanized AnyDesk Installer via Malvertising Campaign*SolarWinds Hackers Deploying New 'NativeZone' Backdoor via a New Supply Chain Attack*Klarna Mobile Application's Technical Bug Leaking Users Data*New Epsilon Red Ransomware Abusing Unpatched Microsoft Exchange Servers*Threat Actors Actively Exploiting a Command Injection Flaw in SonicWall's NSM On-Premises Products*TPG Shutdown the Legacy TrustedCloud Service Post Data Breach*Threat Actors Deploying Data Wiper Malware Disguised as Ransomware*Checkbox Survey Patches Arbitrary Code Execution Flaw Being Exploited in the Wild*Attackers Impersonating Devices via Newly Disclosed Bluetooth Bugs*HPE Patches Critical Zero-day Flaw in Systems Insight Manager (SIM)*Office 365 Bug Sending Exchange Online, Outlook Emails to Junk Folder*Malware Attack Knocks out Siegfried Group’s Network*Multiple Japanese Agencies Suffer Data Breaches in a Supply Chain Attack*Hackers Sent Racist Registration Emails Pretending to be from Walmart*Zeppelin Ransomware Back in Operation with an Updated Malware*Apple Patches a Zero-day Flaw in TCC Framework*Japan’s Omiai Dating App Data Breach; Over 2 Million Users Data Exposed*VMware Patches Critical Remote Code Execution Flaw in vCenter*CryptoCore Campaign Hacking Cryptocurrency Exchanges Globally*Scheme Flooding Vulnerability Enables Hackers in Identifying Users*Florida Water Treatment Plant Suffered a Cyber Incident Prior to the Poisoning Attack*Ivanti Addresses a High-Severity Vulnerability in Pulse Connect Secure VPN*Electronic Giant Bose Reports Data Breach Post Ransomware Attack*Trend Micro Patches 3 Vulnerabilities in Home Network Security Devices*Threat Actor Behind Infamous UPMC Breach Gets Verdict; Faces 7 Years in Prison*Apple Patches 3 Zero-days Affecting macOS & tvOS Devices*Microsoft Releases a Simulated Tool for Attack Scenarios*23 Misconfigured Android Applications Leaking Users Personal Data*Google Fixes Chrome Browser Crash on Windows 10 and Linux Platforms*Google Patches Heap-based Buffer Overflow Vulnerability in Chrome*CNA Financial Paid $40 Million Ransom to Evil Corporation*FBI Warns Organizations about Conti Ransomware*E-commerce Giant Mercari Suffers Massive Data Breach in Codecov Incident*QNAP Warns Organizations about Qlocker Ransomware Impacting Vulnerable HBS Devices*Stolen Dominos India Data Up for Sale on Dark Web*Air India Hacked; 4.5 Million Passengers Information Leaked*Android Releases Patches for 4 New Zero-day Vulnerabilities*New Malware Campaign Delivers Fake Ransomware*Slack Messaging Application Suffers Massive Outage*Over 600,000 WordPress Sites Impacted by a Vulnerability in WP Statistics Plugin*Magecart Hackers Deploying PHP-based Backdoor via Website Favicons*New Banking Trojan Bizzaro Targeting European and South American Banks*Experts Warn About Ongoing AutoHotkey-Based Malware Attacks*FBI Warns of a Spear Phishing Campaign Delivering Advanced Malware*Student Insurance Provider Guard[.]me Suffers a Data Breach*Insurance Giant AXA Hit by Ransomware Attack*Threat Actors Deploying Lizar Malware under the Disguise of Ethical Hacking Tool*APT36 Group Mimicking Legitimate Indian Military and Defense Organizations*Monday[.]com Source Code Accessed by Codecov Hackers*Toshiba's Subsidiary Unit Struck by DarkSide Ransomware Group*Cisco Patches a Zero-day Bug in Cisco AnyConnect Client*Rapid7 Source Code Accessed in Codecov Supply-chain Attack*AMD Patches Two Flaws Bypassing AMD's SEV Protection System*Snip3 Crypter Service Deploying Multiple RAT Variants*Hackers Delivering Malware via Microsoft Build Engine Files*Citrix Patches Vulnerability in Workspace Application for Windows*New Cryptocurrency Phishing Scam Stealing Recovery Phrases via Twitter*Colonial’s Pipeline Hack; $5 Million Ransom Paid*QNAP warns of Zero-day Bug in Roon Servers*Herff Jones Suffers Data Breach*New Lorenz Ransomware Affecting Multiple Organizations Globally*Brenntag Hack; $4.4 Million Ransom Paid*DarkSide Ransomware Servers Seized Post-Colonial Pipeline Attack*Lemon Duck Cryptominer Strikes Again*Ireland’s Health Services Reports Ransomware Attack; $20 million Ransom Demanded*Threat Actor Leaks Stolen Data Post D.C. Police Columbia Hack*FBI and ACSC Warns of Avaddon Ransomware Attacks*VideoLan Patches Auto-updater Bug in VLC Media Player*Ransomware Attack on the City of Tulsa, USA*All Wi-Fi Devices are Vulnerable to FragAttacks*A New Qualcomm Vulnerability Impacting Android-based Mobile Devices*Over 25% of Tor Exit Relays Spied on Users Dark Web Activities*Google Patches 19 Bugs in Chrome 90.0.4430.212*Twitter's New Feature Tip Jar Exposing Sensitive Information*Cuba Ransomware Partners With Hancitor for Spam-Fueled Attacks*Law Firm Jones Day Hit by Data Breach*Attackers are Exploiting Authoritative DNS Servers via TsuNAME DNS Bug*NatWest Bank Scheduled Payments Bug May Cost Customers Money*Russian Hackers Are Allegedly Exploiting 12 Vulnerabilities in the Wild*New Stealthy Rootkit Targeting High-Profile Organizations*Twilio & HashiCorp Reports Cyber Attacks Post Codecov Supply Chain Hack*UNC2529 Threat Group Delivers Three New Malware Strains via Phishing Emails*Six Unpatched Critical Flaws Detected in Remote Mouse Application*Foxit Patches Remote Code Execution (RCE) Vulnerability in Foxit Reader*Colonial Pipeline Suffers from Alleged Ransomware Attack*Microsoft Edge Crashes while Playing YouTube*Scammers Impersonate "SNL in Elon Musk" Show in a Cryptocurrency Scam*VMware Patches Critical Flaw in vRealize Business for Cloud Virtual Appliance*HP Enterprise Fixes Critical Bug In Edge Platform Tool*New Windows Malware 'Pingback' Using ICMP for C2 Operations*N3TW0RM Ransomware Targeting Israel-based Companies*Alaska Court System Went Offline Amid Cyber Attack*Critical 21Nails Exim bugs Affecting Vulnerable Linux Servers*Network Solution and Register.com Reports DNS Outage*Tesla Car Hacked Remotely using Drones*Dell Fixes a 12-year-old Bug in DBUtil BIOS Driver*Insight Global's Insider Threat Leaks COVID-19 Information*Complexcodes is Selling Subscription based Commodity Malware "WeSteal"*Chinese Attackers Hacked Russia's Largest Nuclear Submarine Designer*A New Malspam Campaign Distributing Rust-based Buer Malware Variant*Intel and AMD Chips are Vulnerable to Spectre Side-Channel Attacks*Pulse Secure Addresses VPN Zero-Day Vulnerability*LuckyMouse Targets Multiple Organizations via Sys-update Toolkit*Critical IP Address Validation Vulnerability found in Python*Mount Locker Ransomware Uses New Tricks to Evade Detection*ISC Patches Several BIND Vulnerabilities in DNS Servers*Researchers Expose a New Iranian State-Sponsored Ransomware Campaign*SolarMarket RAT Uses Google SEO Tactics to Lure Victims*First Horizon Bank Hacked; $1 Million Stolen*2 iOS Zero-day Vulnerabilities fixed by Apple*Chinese Hackers Attacking Military Organizations in South-East Asia*Stealthy Backdoor Infecting Linux Systems*FBI Shares 4 Million Emotet Botnet Stolen Email Addresses*PHP Composer Bug Ends Up in a Widespread Supply-Chain Attacks*Hotbit Cryptocurrency Exchange Down Post Cyberattack*ParkMobile Stolen Customers Data Exposed Online*Whistler Resort Municipality Suffers Ransomware Attack*Microsoft Uncovered Critical Code Execution Bugs In IoT, OT Devices*DigitalOcean Data Breach Exposes Customer Billing Information*Brazil's Rio Grande Do Sul Court System Suffers Ransomware Attack*Attackers are exploiting SonicWall Zero-day for Ransomware Attacks*F5 Discloses KDC Spoofing Vulnerability in BIG-IP Consoles*UnitingCare, Queensland Systems Taken Down*UK Rail Network Merseyrail Hit by Lockbit Ransomware*Google Patches Critical RCE Vulnerability in Chrome*MangaDex Stolen Database Leaked Online*NTLM Relay Attack Abuses Windows RPC Protocol Vulnerability*Guilderland Central Schools Hit With Malware Attack*Apple iCloud Mail Server Outage*Fake Microsoft DirectX 12 Deploying Crypto-Stealing Malware*D.C. Police Columbia Hacked; Ransom Demanded*Oilfield Services Giant Gyrodata Discloses Data Breach*Microsoft Teams Suffers Outage*Attackers Spreading FluBot Malware via Android Devices*Prometei Botnet Operators Exploiting Obscure Microsoft Exchange Servers*New Cryptomining Malware Turning Vulnerable Windows, Linux Devices into Bots*Hacker Leaks 20 million BigBasket's Data for Free*Critical RCE Bug Reported in Homebrew Package Manager*Hackers Exploiting PulseSecure to Deploy SUPERNOVA Malware*Qlocker Malware Encrypting QNAP Devices Using 7zip*Twitter Mistakenly Sends Spam Emails*ToxicEye Trojan Abusing Telegram to Steal Data*PasswordState is Latest Victim of Supply Chain Attack*WhatsApp Pink Malware Auto Replies to Skype, Signal and other Messengers*Exchange Online Down; Microsoft 365 Outage Affects Email Delivery*Pareto Android Botnet Attacks Smart TV Ads*1.3 Million Windows RDP Servers Login Credentials found in Hacker Forum*Multiple Vulnerabilities in Google Chrome Patched*Microsoft Partially Fixes Windows 7 and Server 2008 R2 Vulnerability*Attackers Infecting Google Play Store via Fake Applications*Eversource Energy Reported Data Breach*Attackers Actively Exploiting 4 Pulse Secure Vulnerabilities*Attackers Target Multiple Networks in a Supply Chain Attack Post Codecov's Data Breach*Revil Gang Attempted to Extort Apple via Alleged Quanta Hack*Zero-day Vulnerabilities Patched in SonicWall Email Security*Remote Code Execution Vulnerabilities Discovered in Cosori Smart Air Fryer*Malvertising Campaign "Tag Barnakle" Compromised 120 Ad Servers*Attackers Hacking Android Devices Remotely via WhatsApp Flaws*Lazarus APT Using BMP Images to Distribute Trojan*Geico Suffers Data Breach; Policyholders' Driver's License Numbers Stolen*Researchers Found Campaign Mimicking Microsoft Store, Spotify Sites, and Chess Application*WordPress Patches XXE Flaw in PHP 8*Domino's India Database Hacked; 10 Lakh Credit Card Details Leaked*Critical Remote Code Execution Vulnerability in Juniper Devices Discovered*Attackers Exploiting Critical Flaw in Facebook's Live Videos Feature*Multiple Vulnerabilities Reported in EtherNet/IP Stack for Industrial Systems*Malware Spreading via Xcode Projects; Infecting Apple's M1-based Macs*Attackers Stealing Credentials via Operation "Overtrap"*Fortinet Discloses a New FormBook Variant*Hackers Gained Access via Vulnerable VPN Device in Capcom Ransomware Attack*Critical Zero-day Vulnerability Found in Desktop Window Manager (DWM)*Swinburne University, Australia Suffers Data Breach*Twitter Suffering Worldwide Outage*Google Released Chrome 90*Cyberattack on The University of Hertfordshire, UK*Tata Communications Data Breached via Route Mobile*Over 100 Million Devices Vulnerable to DNS Vulnerabilities*Attackers Tampering Popular App Stores to Distribute Malicious Apps*Researchers Disclosing Second Chrome Zero-day Exploit*SAP Fixes Critical Flaws in SAP Commerce, NetWeaver & Business Client*Spying Android RAT "BRATA" Strikes Back*New Phishing Campaign Delivering Fake Antivirus Billing Notices*Malware hidden in Fake Browserify NPM package*Adobe Fixes 10 Vulnerabilities in Multiple Products*QBot Operators Using QBot & IcedID Malware as Final Payload*Malicious Facebook Ads Dropping Malware on Systems*Bakker Logistiek Suffers Ransomware Attack*Microsoft Office 365 Phishing Campaign Evades Detection with Malicious Javascript Code*10 Malicious Applications in App Gallery Infected with Joker Malware*Microsoft Patch Tuesday Security Advisory - April 2021*New Malware "Saint Bot" Snatching User Passwords*IcedID Malware Delivered via Contact Forms*Swarmshop Hacked; Over 600,000 Stolen Records Exposed*Pharmaceutical Giant "Pierre Fabre" Suffers REvil Ransomware Attack*Multiple Gigaset Android Smartphones are Infected with Malware*New Android Malware Auto-spreads to Devices using WhatsApp Auto-replies*Lazarus Hacking Group Strikes Back with Vyveva Backdoor*Rockwell Automation Addresses 9 Critical Vulnerabilities in FactoryTalk AssetCentre*VISA Warns of Increasing Web Skimming Attacks*LinkedIn Data Breach; 500 Million Users Data Posted On Dark Web*Unpatched Fortinet VPN devices are exploited by Cring Ransomware*Cisco Patches Cisco SD-WAN vManage Software Vulnerabilities*Chinese Hackers Attacks Government & Military of Vietnam*A New Spear-Phishing Campaign Deploying Malware Using Voice Changing Software*Attackers Targeting Firms Using new Banking Trojan "Janeleiro"*Hackers Deploying 'more_eggs' Malware via Fake LinkedIn Job Offers*European Commission and EU Organizations Suffer Cyber Attack*Booking.com Fined $560,000 by DPA*VMware Fixes Critical RCE Flaw in Carbon Black Cloud Workload*Data of Over 279 "Only Fans" Accounts Posted Online*TU Dublin and National College of Ireland Suffers from Ransomware Attack*Attackers Actively Exploiting Unpatched SAP Applications*Hackers Exploiting Windows OS "BITS" Component*$38M Worth of Gift Cards Sold by Cybercriminal on Russian Hacking Forum*Outlook "Cannot send this item" Error Patched by Microsoft*Clop Ransomware Gang Leaks Multiple Universities Sensitive Data Online*Attackers are targeting Japan Industries with Multiple Backdoors*Fake jQuery Plugin Deploying Malware on Systems*Electronics Manufacturer "Asteelflash" Suffers REvil Ransomware Attack*Brown University Suffers Cyberattack*US DOJ Warns of Fake Covid-19 Vaccine Survey Phishing Campaign*FBI and CISA Warns of Exploits Against Unpatched Fortinet FortiOS Servers*Threat Actors Attempt to Extort Ubiquiti Post Data Breach*Researchers Report Spike in Ransom DDoS Attacks*Bogus Pen-Test Company "SecuriElite" Targeting Security Professionals*Facebook Data Breach; 533 Million Users Data Exposed*Citrix Addresses Multiple Vulnerabilities in Hypervisor*SolarWinds Patches Four Vulnerabilities in Orion Platform*Attackers Hacked PHP's Git Server to add Backdoors*Malicious “System Update” Android Malware is Compromising Devices*German Parliament Members Targeted by Spear-Phishing Attack*BazarCall Malware Infecting Systems via Malicious Phone Calls*New 5G Security Flaw allows Denial-of Service Attacks & Data Access*Campaigns Spotted Targeting Gamers via Malware hidden in Game Cheats and Mods*Fat Face Discloses Data Breach; Pays $2 Million Ransom*VMware Fixes Two Critical Flaws in vRealize Operations Manager*Harris Federation Hit by Ransomware Attack*Slack Disables New Feature Amid Security Related Concerns*npm Fixes a Critical Networking Vulnerability in "netmask" Library*OpenSSL fixes Two High Severity Vulnerabilities*Microsoft Patches Windows 10 Secure Boot Vulnerability*Weintek Patches Remote Code Execution Flaws in its Product Range*Evil Corporation Employs Hades Ransomware to Evade Detection*Two Critical Vulnerabilities Patched in a WordPress Plugin*FBI Warns of Mamba Ransomware*Mobikwik Data Breach; Over 5 Million Users Data Exposed*Threat Actors Exploiting Critical Flaws in GE's Universal Relay Products*Apple Patches Webkit Browser Engine's Zero-day Vulnerability*Backblaze Reports Data Breach; 9,245 Users' Metadata Exposed*New Cloudflare's Page Shield Feature notifies Malicious JavaScript Dependencies*Purple Fox Operators are Targeting Vulnerable Windows Systems*Two Dozen Malicious Chrome Extensions are distributing Malware Globally*Microsoft Patches Privilege Elevation Flaw in PSExec*Multiple Security Vulnerabilities discovered in Cisco Jabber*Adobe Fixes Critical Vulnerability in ColdFusion*CISA and FBI warn about Phishing Attack spreading TrickBot Malware*Colorado & Miami Universities Suffers Data Breach due to Vulnerable Accellion FTA Servers*High Availability Server Manufacturer Stratus Suffers Ransomware Attack*Shell Suffers Data Breach due to usage of Vulnerable Accellion FTA Servers*Attackers Exploiting Vulnerable Qualcomm Graphic Components on Android Devices*CNA Insurance Firm Suffers Ransomware Attack; New Malware Family Used*IoT maker "Sierra Wireless" Reports Ransomware Attack; Site Taken Offline*Attackers are taking Control of Vulnerable Apache OFBiz ERP via RCE Vulnerability*Phishing Campaigns Bypassing Secure Email Gateways*Phishing Mails containing fake COVID-19 Relief Checks downloads Dridex Trojan*Threat Actors Hacked Windows, iOS, Android Users via Zero-day Attacks*Mirai Botnet Exploiting Critical Flaws in Network Security Devices*MangaDex Taken Offline Post Cyberattack*Black Kingdom Ransomware Exploits Zero-day Flaws in Microsoft Exchange Servers*Road Ministry warns Multiple Indian Government Organizations post Cyber-Attack Threats*Fake Telegram Desktop Application downloads AZORult Malware*CISA releases CHIRP Tool for SolarWinds Malicious Activity Detection*CopperStealer Malware is Hijacking Social Media Accounts*DDoS-as-a-Service exploits Citrix Devices*New Malware XcodeSpy Targets iOS & macOS Developers*Acer Suffers Ransomware Attack; $50 million Ransom Demanded*Zoom Screen-sharing Bug is exposing Sensitive Data to Unauthorized Users*Post Microsoft Outage files are missing from SharePoint*Phishing Campaign Targets US Taxpayers*Pysa Ransomware is Targeting US & UK Educational Institutions*Twitter Image can be abused to hide Malicious Files*Hackers Exfiltrating Stolen Data via JPG Files*Mimecast Says SolarWinds Hackers Accessed Some Source Code*Ransomware Attack on Pune District Smart City Costs Project Operators 50 Million Dollars*RTM & Quoter Ransomware are Targeting Russian Finance and Transport Organizations*A Time Zone Bug Crashing iOS Clock Application*Microsoft Releases Mitigation Tool for Exchange Servers Affected in ProxyLogon Hack*WeLeakInfo Hacker Site Hacked*Phishing Domains can now Detect Virtual Machines using JavaScript*Blender Software Developer Reports Cyber Attack*Researchers Discovered Nim based Malware Exploiting Devices*Microsoft Suffers Outage; Multiple Services Affected*Metamorfo Banking Trojan abuses AutoHotKey to steal User Information*Threat Actors Exploiting Avira Antivirus to Deliver Banking Trojans via DLL Side Loading Attack*New ZHtrap Botnet Malware is turning Infected Targets to Honeypots*Three Privilege Escalation Vulnerabilities fixed in Linux Kernel*Threat Actors Exploiting Linux based Systems with new RedXOR Malware*A New Zero-day WordPress Vulnerability enables Site Takeover*Google Patches Zero-day Vulnerability in Chrome*Mozilla Addresses Linux Crashes, Apple Silicon Hangs in Firefox 86.0.1*Molson Coors Reports an Outage*Windows 10 Emergency Updates fixes Printing Crashes*Researchers Disclose New and Powerful Version of BADHATCH PoS Malware*Spanish Government Labor Agency Suffers Ransomware Attack*New DEARCRY Ransomware Exploiting Vulnerable Microsoft Exchange Servers*OVH Data Center Reported Massive Outage*Second Cyber Attack on Norway's Parliament*Maryland Attorney Seizes 5th Domain Used in COVID-19 Vaccine Phishing Attacks*Hackers Accessed Verkada's Live Surveillance Cameras*iPhone Call Recorder App Exposes People's Conversations*F5 BIG-IP issued patches for Critical Remote Code Execution Vulnerabilities*Microsoft Discloses 3 New Malware Strains in SolarWinds Hack*Microsoft Patch Tuesday Security Advisory - March 2021*GitHub Users were forcibly Signed out to patch a Security Bug*9 Android Application on Google Play Store found to be distributing Malware Dropper*Researchers Disclose Side-Channel Attacks on Vulnerable Intel CPUs*Global Aviation Industry Tech Supplier "SITA" Suffers Massive Data Breach*Apple Addresses Remote Code Execution Vulnerability in WebKit*Adobe Patches Flaws in Creative Cloud, Connect & Frame-maker*Researchers Disclose New Tor based Malware "gafgyt"*New Sarbloh Ransomware Encrypting Victim Files through Political Agenda*Flagster Bank Suffers Data Breach due to usage of Vulnerable Accellion FTA Servers*Google Chrome Blocks Port 554 as a Counter to NAT Slipstreaming Attacks*European Banking Authorities Exchange Servers Hacked*Microsoft Themed Phishing Attack Stealing User Credentials*Over 15 Schools in UK Suffered Cyberattack*Multiple Cisco Products Exposed to DoS Attack due to Snort Vulnerability*Microsoft Releases a Tool for ProxyLogon Security Verification on Exchange Servers*Microsoft Outlook Breached; Over 20,000 Organisations Affected Globally*Supermicro, Pulse Secure Patches Vulnerabilities in BIOS & UEFI Products*Attackers Hiding ObliqueRAT Trojan in Image Files via Steganography*GRUB2 Patches Multiple High Severity Vulnerabilities in Boot Loader*Over 6,700 VMware Servers Exposed post Exploit Code Release*Hackers Deploying Malware on Compromised Websites via SEO Techniques*Over 100 Italian Banks Targeted via Ursnif Trojan*VMware Patches Remote Code Execution Vulnerability in View Planner*Attackers Targeting Investors via BEC Campaigns*CompuCom Suffers Malware Attack Leading to Service Outage*Botnet Campaigns Abusing Bitcoin Blockchains & Deploying Skidmap Malware*AOL Phishing Campaign Reported Stealing User Credentials*Researchers Disocvered DoS Vulnerability in Eclipse Jetty*Qualys Suffered Data Breach due to Zero-day Vulnerability in Accellion FTA Server*PrismHR Suffers Massive Outage*Malaysia Airlines Discloses a Data Breach*Chinese Cybercriminals Exploiting 4 Zero-day Vulnerabilities in Microsoft Exchange*Universal Health Services lost $67 Million by Ryuk Ransomware Attack*Google Patches Zero-day Vulnerability in Chrome*Dependency Confusion Vulnerability Exploited to steal Linux/Unix Password Files*Ransomware Attack on Aviation Giant Bombardier*Dutch e-Ticketing Platform Ticketcounter Suffers Data Breach*Chinese Hackers Targeting Indian Power Grids & Seaports*World's Leading Dairy Products Group Lactalis Hit by Cyber Attack*Drive Corruption Vulnerability in Windows 10*LazyScripter Actors Target Airlines with Remote Access Trojans*New Variant of Ryuk Ransomware Observed Self-propagating in Local Network*Cisco Patches Critical Severity Authentication Bypass Vulnerability in Cisco ACI MSO*Sequoia Capital Suffers Data Breach post a Failed BEC Attack*FriarFox Browser Extension Targeting Tibetan Organizations*Windows 10 BSOD Issues Resolved via Intel Wireless Driver Updates*Online Dating Application Gaper Vulnerable to Multiple Critical Zero-day Flaws*US Federal Reserve Suffers Massive Outage Nationwide*Researchers Discloses Potential Code Injection Flaw in NodeJS Library "systeminformation"*TD Bank Recovering from Systemwide Banking Outage*XBOX Live Suffers Global Outage*Accellion Vulnerability Exposes Pharmacy & Employee Data in Kroger Data Breach*Keybase Patches a Bug that Exposes Deleted Sensitive Media to Attackers*Threat Actors Deploying New Variants of MINEBRIDGE RAT via Word Documents*Powerhouse Management Suffers from Large Scale DDoS Attacks*WACUP Patches Several Bugs in Winamp Media Player*Over 8 Million COVID-19 Test Results Leaked*TietoEVRY IT Services Suffers Ransomware Attack*Microsoft Begins Windows 10 21H1 Beta Testing*VMware Patches Critical RCE Bug in vCenter*Python Software Foundation Addresses Two Vulnerabilities*US Shares Information on AppleJeus Malware*LinkedIn Suffers Global Outage for Two Hours*Fake Adobe Flashplayer Update Installs Adware Bundle*Brave Browser's "Tor Mode" Leaks Onion Queries in DNS Traffic*Certification Giant Underwriters Laboratories (UL) Suffers from Ransomware Attack*Magecart Hackers Stealing Credit Card Information via Google Apps Script*Attackers Targeting Apple's M1 Chip via Malicious Adware Extension*Cuba Ransomware Triggers Data Breaches In US Cities & Agencies*Dutch Research Council (NWO) Suffered Cyberattack*RIPE NCC Suffers Credential Stuffing Attack*OpenSSL Project Releases A New Patch For Three New Vulnerabilities*VMware Patches Vulnerability in vSphere Replication Software*Windows 10 Secure Boot Patch Exposes BitLocker Recovery Key*Kia Motors USA Suffers Massive IT Outage*EMSISOFT Exposes Internal Log Data Generated by their Test Products*EXMO Cryptocurrency Exchange Suffers DDoS Attack*Researchers Discloses Unpatched Vulnerabilities in SHAREit for Android OS*Yandex Insider Threat Compromises 4887 Customer Accounts*Telegram's "Super-Secret" Feature Exposes Self-Destructing Media Files to Attackers*Siemens Patches Multiple Vulnerabilities in Virtualization Software*PayPal Patches XSS Vulnerability in Currency Converter Feature*Over 30 Mobile Health Apps Exposing Records of Millions of Users*Fortinet Patches Multiple Vulnerabilities In SSL, VPN & Web Firewall Products*Critical XSS Vulnerabilities Fixed In WordPress Plugin "NextGen Gallery"*Windows Kernel Escalation of Privilege Zero Day Bug is Fixed in Microsoft Patch Tuesday*CISA Warns of High-Severity Vulnerabilities in Fuji Electric Products*Researchers Discloses Multiple Vulnerabilities in YouPHPTube and AVideo*Dairy Farm Suffers REvil Ransomware Attack*C-Level Executives Targeted via Phishing Attack*Over 3 Million Cook County Court's Sensitive Data Records Exposed*Mozilla Enhances Firefox Security Against Super Cookies & Disables Adobe Flash Support*Microsoft Azure Function Vulnerable to Privileges Escalation & Docker Escape*Apple Patched iOS, iPadOS & tvOS Multiple Vulnerabilities*Law Enforcement Agencies around the Globe takes Down Emotet Ransomware Gang*Oscorp - Credential Stealing Android Malware*Lebanese Cedar APT Targeted Telecoms, Hosting, ISPs Worldwide*North Korean Hackers Attacking Security Researchers*Cisco Discloses Multiple Vulnerabilities in Small Business Routers*Researchers Discloses Critical Vulnerabilities in F5 BIG-IP Products*Well-known Religious Services "The Temple" Suffers a DoS Attack*Linux Systems Under Attack via FreakOut Malware*QNAP Warns Users of Dovecat Crypto Miner Malware*Microsoft Discloses Methods used by SolarWinds Hacker Group to Avoid Detection*1.9 Million Pixlr Users Stolen Data Available on Free Forums*Adult Social Media Platform Fleek Leaking Users Explicit Data*4.1 Million AnyVan Users Data Compromised via Data Breach*VLC Media Player Patches Several Remote Code Execution Vulnerabilities*Cisco Fixes PreAuth Remote Code Execution Vulnerabilities*Crypto Exchange LiveCoin Shutting Down Post Cyber Attack*Microsoft Enabling Full Automation Support for Microsoft Defender AV*Cisco Fixes Windows DLL Injection Vulnerability in Cisco AnyConnect Secure Mobility Client*Raindrop Malware Observed in SolarWinds Hack*FireEye Releases Tool to Detect SolarWinds Hack Techniques*SolarWinds Malware "Raindrop" Hiding in Modified 7Zip Source Code*Oracle Releases Quarterly Critical Patches*Multiple Twitter Accounts Hacked in "Elon Musk" Crypto Scam*Malwarebytes Breached by SolarWinds Threat Actors*Apple Removes Vulnerable MacOS Features in MacOS 11.2 Beta 2*Cybercriminals Blunder Exposes Stolen Credentials in Plain Sight*Threat Actors Bypassing Two-Factor Authentication for Several Cloud Services Accounts*Microsoft Patches Zero Day Vulnerability in Defender Antivirus*Google Bans 164 Offending Android Applications from Play Store*Mozilla Releases Security Updates for Thunderbird*Scammers Blackmailing Coinmama Users via p*rn Backlinks*Windows 10 Bug Corrupts Hard Drive via Single Line Command*NSA Urges Organizations Not to Use Third Party DNS Resolvers*Bitdefender Releasing Free Decryptor for DarkSide Ransomware Victims*Scottish Environment Protection Agency (SEPA) Suffering Conti Ransomware Attack*Microsoft Announces Windows Zerologon Flaw ‘Enforcement Mode’*Threat Actors Compromising Mimecast's SSL Certificates*Researchers Exposes United Nations Data Breach*Linux Mint OS Patches ScreenSaver Bypass Vulnerability*UK's Nohow International Cloud Data Breached*Threat Actors Exploiting Windows "Finger Command" via Phishing Campaign*Large Scale Data Breaches Targeting Russian Federation in Year 2020*Over 390,000 Users Data Compromised in Capcom Data Breach*DoS Vulnerability in RockWell Automation RSLinx Classic Software*Breached COVID-19 Vaccine Data Leaked Online via Hacker Forums*Fake Trump Scandal Video Distributing QNode Malware*SolarWinds Threat Actors Accessing Department of Justice's Email Servers*FBI Warns Organizations on Egregor Ransomware*Pysa Ransomware Hits Hackney Council & Leaked Data Up for Sale*FIN7 Hacking Group Leveraging JSSLoader Malware*Indian Government Websites Leaking COVID-19 Patient's Test Results*Earth Wendigo Campaign Exfiltrating Emails via JavaScript Backdoor*British Airways Plans £3bn Breach Settlement*North Korean Hacking Group Supply Chain Attack Targeting Stock Investors*Multiple Vulnerabilities in Fortinet FortiWeb WAF Leading to Arbitrary Code Execution*Phone and Email Scammers Impersonating as ACSC*Ransomware Attack Knocks Out Funke Media Group*ElectroRAT Malware Drains Funds from 6,500 Digital Wallets*Lake Regional Healthcare Suffers Ransomware Attack*NameSouth's Data Breached by NetWalker Ransomware Group*Sabre Corporation's 2017 Data Breach LawSuit Verdict*Microsoft’s Windows Core Polaris Leaked Online*10,000 American Express Credit Card Holder's Data Breached*Vodafone's ho. Mobile Suffers Data Breach Impacting 2.5m User Records*Hackers Launch Swatting Attacks by Exploiting Smart Home Devices*SolarWinds Supply Chain Attack Led Hackers Access to Microsoft Source Code*Secret Backdoor Account Detected in Several Zyxel Firewall & VPN Products*CISA Releases Sparrow.ps1 Tool for Azure/M365*Japanese Aerospace Firm Kawasaki Warns of Data Breach*Japanese Game Developer Koei Tecmo Suffers Data Breach*FreePBX Developer Sangoma Technologies Hit by Conti Ransomware*Authentication Bypass Vulnerability in SolarWinds Orion API*Whirlpool Hit by Nefilim Ransomware Attack*Adobe Flash Player Reaches End-Of-Life (EOL)*Phishing Campaign Using Chase Banking Security Notice Emails*Cisco IP Phone TCP Packet Flood Denial of Service Vulnerability*Smart Doorbell Devices Easily targeted by Hackers*Cybercriminal's Bulletproof VPN Service Shuts Down*Authentication Bypass Vulnerability in Bouncy Castle*Chinese APT Group Operation StealthyTrident*Critical Security Vulnerabilities Reported in Dell Wyse Thin Clients*Ransomware Threat Actors Using 'SystemBC' Malware as Backdoor*QNAP Fixes High Severity Vulnerabilities in NAS Devices*CrowdStrike Launches Reporting Tool to Audit Azure AD Permissions*Chinese Mobile Giant Xiaomi Recording Millions of Users Private Web & Phone Usage*Al Jazeera Journalists Targeted via Pegasus Spyware*VMware Vulnerability Exploited in SolarWinds Supply Chain Attack*Credential Stealer Malware Targeting Financial Institutions*Clop Ransomware Attack Detected on Symrise*Microsoft Defender Blocking Known Malicious SolarWinds Binaries*Mozilla Releases Security Fixes for Multiple Security Vulnerabilities*Sextortion Campaign Targeting iOS, Android Users via Goontact Spyware*New Windows Trojan Steals Browser Credentials, Outlook Files*5G Network Architecture Multiple Vulnerabilities Discovered*Contact Form 7 WordPress Plugin Emergency Patch Released*MoleRats APT Variant Stealing Sensitive Data*Unauthenticated Command Injection Flaw Exposes D-Link VPN Routers to Attacks*Iranian Rana Android Malware Snooping on Instant Messenging Platforms*Samsung Fixes Critical Android Bugs*Adobe Releases Security Updates*COVID-19 Vaccine Data Leaked*Ransomware Attack on Netgain Technologies*70 Lakh Indian Cardholders Data Leaked on Dark Web*FireEye's Red Team Security Testing and Assessment Tools Stolen by State-Sponsored Hackers*Microsoft Patch Tuesday Security Advisory - December 2020*Ransomware Attack on Television Production Company - Banijay Group SAS*Maze Ransomware Attack on Canon*DeathStalker APT Group Offers Hack For Hire Service*Security Researchers Accidentally Discovers Windows Zero-Day*Bandook Malware Targeting Multiple Sectors*Windows 10 20H2 Update Fixes Broken In-Place Upgrade Feature*Microsoft Office Products Non-Security Updates November 2020*Advanced Persistent Threat Attack Targeting U.S. Think Tank*Huntsville City Schools District Shut Down by Ransomware Attack*Ryuk Ransomware Attacks K12 Online School Platform*Malicious npm Packages Installing Remote Access Trojans*IoT Chip Maker Advantech Hit by Conti Ransomware*Gootkit Malware Returns with REvil Ransomware*New CursedGrabber Malware*Delaware County Hit by DoppelPaymer Ransomware Attack*Hackers Targeting COVID Vaccine Maker AstraZeneca*Data Breach Attack on Peatix Events Management Organization Inbox*LidarPhone Attack Converts Smart Vacuums into Microphones*Mercy Iowa City Hospital Data Breach*Over 300K Spotify Accounts Hacked*Industrial Control System Vendors Warn of Critical Bugs*Cisco Webex Ghost Flaw*Chinese Sponsored Cyber Criminal Group Attacking Japan-Linked Organizations*Cisco Webex Meetings API Cross-Site Scripting Vulnerability*Mozilla Released Firefox 83*Unprotected Database Exposed a Scam Targeting 100K+ Facebook Accounts*Mount Locker Ransomware Targeting TurboTax files*Chinese APT Group FunnyDream*Supply-Chain Attack Distributing Malware in South Korea*APT 'Hackers For Hire' Target Financial, Entertainment Firms*Multiple Vulnerabilities in Cisco Security Manager Software*New Phishing Campaign Delivering Jupyter Malware*Image Inversion Technique to Bypass Office 365*Critical Vulnerabilities Discovered in World's Largest Android TV Manufacturer*E-Shops Running Vulnerable Version of Magento*Source Code of Cobalt Strike Toolkit Shared Online*Critical Remote Code Execution Vulnerability in Oracle WebLogic Server*Animal Jam Kids Virtual Playground Suffered Data Breach*Security Vulnerabilities in Unity Orchestrator SD-WAN*High Severity Security Vulnerability in Cisco’s IOS XR Software*Chrome Zero-day Vulnerabilities*Australian Government Warns Healthcare Sector against Ransomware Attack*Mozilla Releases Security Updates*xHunt Hackers Attacking Exchange Servers*Ransomware Attack on Blackbaud Cloud Software Provider*Ransomware Hits E-Commerce Software Platform X-Cart*Ubuntu GNOME Display Manager Vulnerability allows Root Access*Ransomware Attack on Australian Media Monitoring Company*Scammers Impersonating IRS for Payment Fraud*Adobe Releases Security Updates*WordPress Sites Open to Code Injection Attacks via Welcart e-Commerce Bug*Microsoft Teams ‘Fake Updates’ Malware Campaign*Critical Security Updates for Multiple Intel Products*Ghimob Banking Trojan*Ransomware Attack on Italian Liquor Brand - Campari*Microsoft Patch Tuesday - November 2020*Pay2Key Ransomware*True Social Network App Exposed*Critical Security Flaws in SaltStack IT Infra Management Solution*Phishing Attacks on Russian Industrial Enterprises*Cisco AnyConnect Arbitrary Code Execution Vulnerability*Multiple Vulnerabilities in Google Android OS*Multiple Vulnerabilities in Adobe*Folksam Data Breach*Bigbasket Suffers Data Breach - Data of 2 Crore Users Now On Sale In Dark Web*Apple Fixes Three iOS Zero-Days*Capcom Hit by Ragnar Locker Ransomware*Dridex Botnet Stealing Banking Credentials*VMware Multiple Security Updates*Second Hand USB Drives Expose Sensitive Information of Previous Owners*New Google Drive Phishing Campaign*Cyberattack on Vermont Health Network*Alibaba's Online Store RedMart Suffers Data Breach*Bank Phone Numbers are being Spoofed to Rob Victims*Windows Zero-Day Exploit Publicly Disclosed*Nitro Software Massive Data Breach*Cryptocurrency Service 'Harvest Finance' Hacked - $24 Million Stolen*New Delivery Method of Emotet has been discovered*Cyberattacks Hit Schools & Colleges*Patients in Finland Blackmailed*KashmirBlack Botnet*Multiple Vulnerabilities in Fujitsu M12 Servers*IT Service Provider Sopra Steria Hit by Ryuk Ransomware*High Severity NVIDIA GeForce Experience Vulnerabilities Patched*SQL Injection Vulnerability in Rapid7 Nexpose*Information Disclosure Vulnerability in Linux Kernel*Multiple Security Vulnerabilities Identified in WAGO’s Cloud Connectivity Controllers*Browser Locker Scam Campaigns*VMware Multiple Security Updates*Zero-Click Vulnerabilities Identified in the Linux Bluetooth Software Stack*Browser Address Bar Spoofing Vulnerabilities in Multiple Mobile Browsers*Multiple Vulnerabilities in HP's Intelligent Management Center (IMC) Software*High Severity Router Vulnerability in Cisco IOS XR Software*Google Chrome Browser Multiple Security Updates*GravityRAT*Rise in QR Code Related Scams*Latest Release of Chrome and Edge Generating Random Log Files*Multiple Vulnerabilities in Magento CMS*Multiple Vulnerabilities in SonicWALL Sonic OS*Multiple Vulnerabilities in F2FS Toolset*Juniper Networks Releases Security Updates*Silent Librarian APT*Clips from Exposed Home Security Cameras Posted Online*Microsoft Disrupts TrickBot Malware Network*Double Extortion Ransomware Attack on Software AG*Denial-of-Service Vulnerabilities in Allen-Bradley Flex I/O System*Adobe Flash Player Application Critical Patch Update*Microsoft Patch Tuesday - October 2020*Microsoft Patches Critical Remote Code Execution Vulnerabilities*Information Disclosure Vulnerability in Apache Tomcat*Fitbit Spyware Watch Face*MontysThree Malware Used In Targeted Industrial Espionage Attacks*Critical Flaws Found In QNAP Helpdesk Leading To Device Takeover*New Cryptojacking Variant : Black-T*Vulnerability in Apple's T2 Mac Security Chips*Google Releases Patches for 50 Android System's Vulnerabilities*Trump's Health Email phishing Campaign Delivering BazarLoader Trojan*Cisco Patches Multiple Vulnerabilities*BAHAMUT : Hack For Hire Service*Flaws In Top Antivirus Softwares Leading to Privilege Escalation*Facebook Disables Chinese-Sponsored SilentFade Malware Campaign*HEH Botnet*APT Attack Injects Malware into Windows Error Reporting*COVID-19 Clinical Trial Hit by Ransomware*Multiple Vulnerabilities in Google Chrome Web Browser*Iranian hackers are exploiting the Zerologon vulnerability*Indian State Government Massive Data Breach*MosaicRegressor Malware Framework UEFI Firmware Bootkit*DDoS Attacks by Ransomware Attacker Groups*XDSpy APT Group*Backdoors in Microsoft 365 & Azure Active Directory using AADInternals PowerShell Module*Raccine Ransomware Vaccine*Microsoft Office 365 OAuth Access Token Phishing*Egregor Ransomware*InterPlanetary Storm Botnet Infects 13K Mac and Android Devices*Multiple Security Vulnerabilities in Wireshark Packet Analyzer*Palmerworm Espionage Campaign*Swatch Shuts Down IT Systems to Stop Cyberattack*Operation Sidecopy Launches Attack on Defense Forces in India*Microsoft Removed 18 Azure AD Applications*Microsoft Windows XP Source Code Leaked Online*Multiple Vulnerabilities in Apple Products*247K Microsoft Exchange Servers Vulnerable for RCE*A Bug in Windows Server 2016*Magento Credit Card Stealing Malware*Federal Agency Hit by Cyber Attack*Chalubo DDoS Botnet Targeting Unsecured SSH Servers*UHS hospitals Hit By Ransomware Attack*Phishing Campaign stating End of Support for Windows 7*Microsoft Office 365 Outage Reported in USA & Australia*Joker Trojan*Taurus Malicious Ad Campaign*Cisco Patches Multiple Security Bugs*APT-C-43 Steals Military Secrets*Microsoft Outlook Squatting Campaign*MoDi RAT*Heap Buffer Overflow Vulnerability in Instagram*Mozilla Firefox 81 Released*Automated MEOW Attack*RansomExx Ransomware Attack on Tyler Technologies*Phishing Campaign Targets AT&T Global Employees*TinyCryptor Ransomware*Multiple Security Vulnerabilities in Google Chrome Web Browser*Mozilla Bug - Hijacking Firefox Android Browsers*Maze Attackers adopt Ragnar Locker VM technique*Chinese Hackers Targeting U.S. Agencies*Multiple Vulnerabilities in Apple Safari*ZShlayer Malware*APT41 Chinese Hacking Group*Phishing Scam using Security Awareness Training Emails*MrbMiner Malware*MFA Bypass Vulnerability in Microsoft 365*Prometei Multi-Modular Botnet*Emotet Malware New Spamming Campaign*Lemon Duck Cryptominer*Qakbot malware*Trojan Glupteba
