North Korean hackers have been spotted using malicious extensions for Chromium-based web browsers (Google Chrome, Microsoft Edge, and Naver's Whale) to steal email content from Gmail and AOL accounts.

Read: https://thehackernews.com/2022/07/north-korean-hackers-using-malicious.html

Microsoft finds a potential connection between the USB-based Raspberry Robin worm and a notorious Russian cybercrime group known as Evil Corp.

Read details: https://thehackernews.com/2022/07/microsoft-links-raspberry-robin-usb.html

Operators of Gootkit access-as-a-service (AaaS) malware have resurfaced with updated techniques to compromise unsuspecting victims.

Read details: https://thehackernews.com/2022/07/gootkit-loader-resurfaces-with-updated.html

A 24-year-old Australian hacker has been charged with developing and selling the "Imminent Monitor" spyware to more than 14,500 people in 128 countries, including perpetrators of domestic violence and child sex offenders.

Read: https://thehackernews.com/2022/07/australian-hacker-charged-with-creating.html

Researchers from CloudSEK found that nearly 3,200 mobile apps expose their Twitter API keys, some of which can be used to gain unauthorized access to Twitter accounts.

Read details: https://thehackernews.com/2022/08/researchers-discover-nearly-3200-mobile.html

LockBit ransomware has been observed abusing Microsoft Windows Defender tool to decrypt and load Cobalt Strike payloads on targeted computers.

Read details: https://thehackernews.com/2022/08/lockbit-ransomware-abuses-windows.html

Researchers have discovered a new "New ParseThru" parameter smuggling vulnerability affecting GoLang-based apps that can be exploited to bypass validations under certain conditions and could also be used to gain unauthorized access.

Read: https://thehackernews.com/2022/08/new-parsethru-parameter-smuggling.html

Researchers have discovered a new offensive hacking framework called Manjusaka, which they call the "Chinese sibling of Sliver and Cobalt Strike."

Read: https://thehackernews.com/2022/08/chinese-hackers-using-new-manjusaka.html

VMware releases security patches to address 10 new vulnerabilities affecting multiple products that could be abused by unauthenticated attackers to perform malicious actions.

Read: https://thehackernews.com/2022/08/vmware-releases-patches-for-several-new.html

Researchers warn of a new, large-scale phishing campaign in which hackers have been observed using AitM techniques to get around security protections and compromise enterprise email accounts.

Read details: https://thehackernews.com/2022/08/researchers-warns-of-large-scale-aitm.html

VirusTotal reveals the list of the most commonly impersonated software in malware attacks.

Read details: https://thehackernews.com/2022/08/virustotal-reveals-most-impersonated.html

It took researchers about 62 minutes to crack a late-stage Post-Quantum encryption candidate algorithm using a single-core CPU.

Read details: https://thehackernews.com/2022/08/single-core-cpu-cracked-post-quantum.html

Cisco rolls out security patches to address new vulnerabilities affecting small business routers, the most critical of which could allow attackers to execute malicious code.

Read details: https://thehackernews.com/2022/08/cisco-business-routers-found-vulnerable.html

Hackers "likely" exploited a vulnerability in Atlassian Confluence server to deploy a never-before-seen backdoor for espionage purposes against a research and technical services organization.

Read details: https://thehackernews.com/2022/08/hackers-exploited-atlassian-confluence.html

Hackers have been targeting Russian entities for at least a year with the newly discovered remote access trojan Woody RAT.

Read details: https://thehackernews.com/2022/08/new-woody-rat-malware-being-used-to.html

Researchers discovered a critical unauthenticated RCE vulnerability (CVE-2022-32548) affecting 29 different router models from DrayTek that can be exploited to gain full access over targeted networks.

Read details: https://thehackernews.com/2022/08/critical-rce-bug-could-let-hackers.html

U.S. cybersecurity agency CISA has added a recently disclosed, high-severity vulnerability in the Zimbra email suite to its "Known Exploited Vulnerabilities Catalog," citing evidence of active exploitation.

Read details: https://thehackernews.com/2022/08/cisa-adds-zimbra-email-vulnerability-to.html

An increasing number of malware attacks are leveraging a nascent command-and-control service called "Dark Utilities," which allows hackers to remotely control compromised systems.

Read details: https://thehackernews.com/2022/08/a-growing-number-of-malware-attacks.html

The U.S. Department of Homeland Security (DHS) has warned of critical security vulnerabilities in Emergency Alert System (EAS) encoder/decoder devices that could enable attackers to send fake messages.

Read details: https://thehackernews.com/2022/08/emergency-alert-system-flaws-could-let.html

Slack has reset passwords for some of its users after discovering a vulnerability in its workspace invitation system that exposed their salted password hashes.

Read details: https://thehackernews.com/2022/08/slack-resets-passwords-after-bug.html

Twitter reveals that hackers exploited a new zero-day vulnerability to expose 5.4 million user accounts by linking emails and phone numbers to them.

Read details: https://thehackernews.com/2022/08/hackers-exploit-twitter-vulnerability.html