Linux-based botnet "Enemybot" has expanded its arsenal to exploit recently disclosed vulnerabilities in IoT devices, web servers, Android devices, and content management systems (CMS).

Read details: https://thehackernews.com/2022/05/enemybot-linux-botnet-now-exploits-web.html

SideWinder APT hackers have been linked to more than 1,000 cyberattacks since April 2020.

Read: https://thehackernews.com/2022/05/sidewinder-hackers-launched-over-1000.html

As the mobile threat landscape evolves in 2022, new and existing banking trojans are increasingly targeting Android devices to perform on-device frauds.

Read details: https://thehackernews.com/2022/05/latest-mobile-malware-report-suggests.html

Chinese APT hackers aligned with state interests have been observed weaponizing the new zero-day vulnerability in Microsoft Office to compromise affected systems.

Read details: https://thehackernews.com/2022/05/chinese-hackers-begin-exploiting-latest.html

A new version of the XLoader botnet malware has been discovered that uses a probability-based approach to camouflage its command and control (C&C) infrastructure.

Read details: https://thehackernews.com/2022/06/new-xloader-botnet-version-using.html

Researchers have developed a new open-source framework — called YODA — that helps detect 47,000 malicious WordPress plugins installed on more than 24,000 websites.

Read details: https://thehackernews.com/2022/06/yoda-tool-found-47000-malicious.html

A new unpatched vulnerability has been disclosed in the open-source Horde Webmail client that could be exploited to achieve RCE on the email server simply by sending a specially crafted email to a victim.

Read: https://thehackernews.com/2022/06/new-unpatched-horde-webmail-bug-lets.html

U.S. Department of Justice seizes 3 web domains used by cybercriminals to trade stolen information and offer DDoS services.

Read — https://thehackernews.com/2022/06/doj-seizes-3-web-domains-used-to-sell.html

SideWinder hackers have added a new custom tool and fake VPN apps to their arsenal of malware tools used to attack public and private entities in Pakistan.

Read details: https://thehackernews.com/2022/06/sidewinder-hackers-use-fake-android-vpn.html

Researchers have discovered a new security flaw in UNISOC's chipset that can be used to disrupt smartphone radio communications through a malformed packet.

Read details: https://thehackernews.com/2022/06/critical-unisoc-chip-vulnerability.html

ExpressVPN is removing its India-based VPN servers in response to a new cybersecurity directive from India's Computer Emergency Response Team (CERT-In) that requires all VPN providers to store users' data for at least 5 years.

Read: https://thehackernews.com/2022/06/expressvpn-removes-servers-in-india.html

Researchers demonstrate R4IoT ransomware that exploits IoT devices to gain access and move laterally in an IT network and compromise the OT network.

Read details: https://thehackernews.com/2022/06/researchers-demonstrate-ransomware-for.html

An analysis of leaked chats from the notorious Conti ransomware group has now revealed that the syndicate has been working on a set of firmware-based attack techniques.

Read details: https://thehackernews.com/2022/06/conti-leaks-reveal-ransomware-gangs.html

Microsoft has blocked the hacking activities of previously undocumented Iran-linked Lebanese hackers targeting Israeli companies.

Read details: https://thehackernews.com/2022/06/microsoft-blocks-iran-linked-lebanese.html

Researchers have uncovered a critical unpatched RCE vulnerability (CVE-2022-26134) affecting Atlassian Confluence Server and Data Center products that is being actively exploited by hackers.

Read details: https://thehackernews.com/2022/06/hackers-exploiting-unpatched-critical.html

Researchers have uncovered JavaScript malware and variants behind a network of thousands of hacked websites powering the Parrot Traffic Direction System (TDS) revealed earlier this year.

Details: https://thehackernews.com/2022/06/researchers-uncover-malware-controlling.html

GitLab releases patch for a critical account takeover vulnerability (CVE-2022-1680) affecting all versions of Enterprise Edition from 11.10 before 14.9.5, all versions from 14.10 before 14.10.4, and all versions from 15.0 before 15.0.1.

Read: https://thehackernews.com/2022/06/gitlab-issues-security-patch-for.html

Atlassian has released a security patch that addresses a critical vulnerability (CVE-2022-26134) in Confluence Server and Data Center products that is being actively exploited by attackers.

Read details: https://thehackernews.com/2022/06/atlassian-releases-patch-for-confluence.html

Researchers discover a new state-sponsored attack that exploits the "Follina" vulnerability in Microsoft Office to target government entities in Europe and the United States.

Read details: https://thehackernews.com/2022/06/state-backed-hackers-exploit-microsoft.html

CISA has issued a warning about critical vulnerabilities in Illumina DNA Sequencing devices that could allow unauthenticated attackers to remotely take control of the affected product.

Read details: https://thehackernews.com/2022/06/cisa-warned-about-critical.html

Microsoft said it has taken legal action to stop spear-phishing campaigns associated with Iranian Bohrium hackers by taking over 41 domains used as command-and-control infrastructure.

Read details: https://thehackernews.com/2022/06/microsoft-seizes-41-domains-used-in.html