CuteBoi !!!
Researchers have uncovered a new large-scale cryptocurrency mining campaign involving over 1200 malicious NPM JavaScript packages uploaded by over a thousand different user accounts.
Read: https://thehackernews.com/2022/07/over-1200-npm-packages-found-involved.html
Researchers have uncovered a new large-scale cryptocurrency mining campaign involving over 1200 malicious NPM JavaScript packages uploaded by over a thousand different user accounts.
Read: https://thehackernews.com/2022/07/over-1200-npm-packages-found-involved.html
π1
U.S. cybersecurity and intelligence agencies warn of hackers backed by the North Korean government attacking the healthcare sector with the Maui ransomware.
Read: https://thehackernews.com/2022/07/north-korean-maui-ransomware-actively.html
Read: https://thehackernews.com/2022/07/north-korean-maui-ransomware-actively.html
Researchers have uncovered 350 variants of a malicious browser extension used in a widespread adware campaign that targets all major web browsers, including Google Chrome, Opera and Mozilla Firefox.
Read: https://thehackernews.com/2022/07/experts-uncover-350-browser-extension.html
Read: https://thehackernews.com/2022/07/experts-uncover-350-browser-extension.html
Microsoft appears to have quietly reversed its decision to disable Visual Basic for Applications (VBA) macros in its Office productivity suite by default, just five months after announcing the changes.
Read: https://thehackernews.com/2022/07/microsoft-quietly-rolls-back-plan-to.html
Read: https://thehackernews.com/2022/07/microsoft-quietly-rolls-back-plan-to.html
Researchers detail a wide range of constantly evolving techniques used by LockBit ransomware uses to infect targets and disable endpoint security solutions.
Details: https://thehackernews.com/2022/07/researchers-detail-techniques-lockbit.html
Details: https://thehackernews.com/2022/07/researchers-detail-techniques-lockbit.html
Cybersecurity researchers are drawing attention to an ongoing wave of attacks linked to Raspberry Robin hackers spreading Windows malware with worm-like capabilities.
Read: https://thehackernews.com/2022/07/researchers-warn-of-raspberry-robins.html
Read: https://thehackernews.com/2022/07/researchers-warn-of-raspberry-robins.html
UPDATE β Microsoft confirms to The Hacker News that its decision to reverse course, which does not disable VBA macros by default, is βtemporaryβ and the company is working on some additional changes to improve the user experience.
Read: https://thehackernews.com/2022/07/microsoft-quietly-rolls-back-plan-to.html
Read: https://thehackernews.com/2022/07/microsoft-quietly-rolls-back-plan-to.html
π1
PyPI software repository mandates 2-factor authentication for critical Python projects and offering free hardware security keys to developers.
Read: https://thehackernews.com/2022/07/pypi-repository-makes-2af-security.html
Read: https://thehackernews.com/2022/07/pypi-repository-makes-2af-security.html
π2
One of Axie Infinity's former employees was reportedly tricked into accepting a fraudulent job offer on LinkedIn, leading to the $540 million hack in March 2022.
Read details: https://thehackernews.com/2022/07/hackers-used-fake-job-offer-to-hack-and.html
Read details: https://thehackernews.com/2022/07/hackers-used-fake-job-offer-to-hack-and.html
π1
Malicious actors increasingly leveraging GitHub actions and Azure virtual machines (VMs) for cloud-based cryptocurrency mining.
Read: https://thehackernews.com/2022/07/cloud-based-cryptocurrency-miners.html
Read: https://thehackernews.com/2022/07/cloud-based-cryptocurrency-miners.html
π1
Microsoft has announced the general availability of a feature called Autopatch that automatically keeps Windows and Office software up-to-date on enrolled endpoints.
Read: https://thehackernews.com/2022/07/microsoft-windows-autopatch-is-now.html
Read: https://thehackernews.com/2022/07/microsoft-windows-autopatch-is-now.html
Following a warning from the Italian regulator over a possible GDPR breach, TikTok has agreed to halt a controversial privacy policy update in Europe that would have allowed the company to track users for targeted advertising without their consent.
https://thehackernews.com/2022/07/tiktok-postpones-privacy-policy-update.html
https://thehackernews.com/2022/07/tiktok-postpones-privacy-policy-update.html
Microsoft has released its July 2022 Patch Tuesday updates to address 84 new vulnerabilities, including a zero-day vulnerability that is actively being exploited in the wild.
Read: https://thehackernews.com/2022/07/microsoft-releases-fix-for-zero-day.html
Read: https://thehackernews.com/2022/07/microsoft-releases-fix-for-zero-day.html
π1
Researchers have uncovered new variants of the "ChromeLoader" information-stealing malware, highlighting its evolving feature set in a short span of time.
Read: https://thehackernews.com/2022/07/researchers-uncover-new-variants-of.html
Read: https://thehackernews.com/2022/07/researchers-uncover-new-variants-of.html
Microsoft warns of a large-scale AiTM phishing attack campaign targeting over 10,000 organizations around the world that hijacks Office 365's authentication process even for accounts with multi-factor authentication (MFA).
Read: https://thehackernews.com/2022/07/microsoft-warns-of-large-scale-aitm.html
Read: https://thehackernews.com/2022/07/microsoft-warns-of-large-scale-aitm.html
π1
The U.S. Federal Trade Commission (FTC) warned that it would take action against the illegal use and sharing of highly sensitive data by technology companies and false claims of data anonymization.
Read: https://thehackernews.com/2022/07/us-ftc-vows-to-crack-down-on-illegal.html
Read: https://thehackernews.com/2022/07/us-ftc-vows-to-crack-down-on-illegal.html
π1
ESET researchers have discovered three new buffer overflow vulnerabilities in the UEFI firmware of several Lenovo Notebook devices, including several ThinkBook models.
Details: https://thehackernews.com/2022/07/new-uefi-firmware-vulnerabilities.html
Details: https://thehackernews.com/2022/07/new-uefi-firmware-vulnerabilities.html
Researchers uncover a new vulnerability in numerous AMD and Intel microprocessors that could bypass current protections and lead to Specter-based attacks with speculative execution.
Details: https://thehackernews.com/2022/07/new-retbleed-speculative-execution.html
Details: https://thehackernews.com/2022/07/new-retbleed-speculative-execution.html
Microsoft has disclosed details of a now-patched vulnerability (CVE-2022-26706) in Apple operating systems β iOS, iPadOS, macOS, tvOS and watchOS β that could allow attackers to escalate privileges and deploy malware.
Read: https://thehackernews.com/2022/07/microsoft-details-app-sandbox-escape.html
Read: https://thehackernews.com/2022/07/microsoft-details-app-sandbox-escape.html
π1π₯1
Nation-state hacking groups aligned with China, Iran, North Korea, and Turkey have been targeting journalists in a series of campaigns to spy on them.
Read: https://thehackernews.com/2022/07/state-backed-hackers-targeting.html
Read: https://thehackernews.com/2022/07/state-backed-hackers-targeting.html
π1
Researchers warn of a new malware campaign by Pakistani "Transparent Tribe" hackers targeting students at educational institutions in India.
Read: https://thehackernews.com/2022/07/pakistani-hackers-targeting-indian.html
Read: https://thehackernews.com/2022/07/pakistani-hackers-targeting-indian.html
π2