Researchers publish an in-depth analysis of JS Sniffers, uncovering some new families of credit card-skimming code

https://thehackernews.com/2019/04/js-sniffers-credit-card-hacking.html

Georgia Institute of Technology suffers a massive data breach due to a vulnerability in its web app

https://thehackernews.com/2019/04/georgia-tech-data-breach.html

Attacker(s) allegedly stole personal information of ~1.3 million current and former faculty members, students, staff and student applicants.

Warning — If you have a "private" blog [not self-hosted] with WordPress and are using its official iOS app to manage it, the secret authentication token for your account might have accidentally been leaked to third-party websites

https://thehackernews.com/2019/04/wordpress-ios-security.html

😱 Over 540 Million Facebook User Records Exposed Through Unprotected Amazon Servers

https://thehackernews.com/2019/04/facebook-app-database.html

Breaking — NSA just released the complete source code for its reverse engineering suite GHIDRA version 9.0.2 on Github

https://thehackernews.com/2019/03/ghidra-reverse-engineering-tool.html

PS: Nope, it's not an April Fools joke!

Well, this is ironic. Hackers could turn an Antivirus app pre-installed on over 150 million Xiaomi smartphones into malware


Read more ➤ https://thehackernews.com/2019/04/xiaomi-antivirus-app.html

[New] Breaking — MI Browser app, pre-installed on millions of Xiaomi smartphones, contains an unpatched critical vulnerability (CVE-2019-10875) allowing malicious sites to spoof URLs displayed in the address bar.

Read ➤ https://thehackernews.com/2019/04/xiaomi-browser-vulnerability.html

Microsoft releases first Preview Builds of its new Chromium-powered Edge web browser

https://thehackernews.com/2019/04/chromium-edge-browser.html

Canary and Developer versions are now available for download and testing.

'Exodus' Surveillance #Malware Found Targeting #iOS Users Using Apple's Enterprise Developer Program

https://thehackernews.com/2019/04/exodus-ios-malware.html

Researcher Reveals Multiple Flaws in Verizon Fios Wi-Fi Routers

https://thehackernews.com/2019/04/verizon-wifi-router-security.html

● CVE-2019-3914: Authenticated Command Injection (Root)
● CVE-2019-3915: Login Replay
● CVE-2019-3916: Password Salt disclosure

★ Firmware Patch + PoC Exploit Released

Adobe releases April 2019 security updates to patch a total of 40 vulnerabilities in Flash Player, Acrobat Reader, Shockwave, Other Products.

Read more >> https://thehackernews.com/2019/04/adobe-security-updates.html

Microsoft Patch Tuesday — April 2019 Updates Released

Latest Windows Update Patches 74 Security Flaws, Including 2 New EoP Zero-Days Already Being Exploited in the Wild

https://thehackernews.com/2019/04/microsoft-patch-updates.html

Researchers Unveil Sophisticated 'TajMahal' APT Malware Framework (80+ Modules) That Remained Undetected for 5 Years

https://thehackernews.com/2019/04/apt-malware-framework.html

🔥 BREAKING — Researchers find several vulnerabilities in the latest WPA3 WiFi security protocol that could allow attackers to hack WiFi passwords using password partitioning attacks

Read More https://thehackernews.com/2019/04/wpa3-hack-wifi-password.html

London Police Has Arrested WikiLeaks Founder "Julian Assange" After Ecuadorian Government Withdraws Asylum

https://thehackernews.com/2019/04/wikileaks-julian-assange-arrested.html

Watch Out! Popular VSDC video editing software website was HACKED (once again) for a month; hackers replaced software download links with the banking and password stealing malware

https://thehackernews.com/2019/04/free-video-editing-malware.html

Matrix—Open Source e2e Encrypted Messaging Project—Suffers Extensive Cyber Attack

https://thehackernews.com/2019/04/encrypted-messenger-cyberattack.html …

Hackers defaced Matrix's site, stole "unencrypted private messages, password hashes, access tokens," and GPG keys the project maintainers used for signing packages.

Hackers Compromised Credentials for Microsoft's Customer Support Panel and Used It to Access Information of Outlook Email Accounts for 3 Months

Read more — https://thehackernews.com/2019/04/microsoft-outlook-email-hack.html

Apache releases security important updates to patch a new Remote Code Execution flaw (CVE-2019-0232) in Apache Tomcat

https://thehackernews.com/2019/04/apache-tomcat-security-flaw.html

Google Helps Police Identify Devices Close to Crime Scenes Using its "SensorVault" Location History Database and Track Narrowed-Down Suspects or Witnesses.

https://thehackernews.com/2019/04/google-location-tracking.html

Researchers discover a new rapidly evolving, rootkit-enabled multifunctional spyware—dubbed SCRANOS—that can steal browser history, cookies, passwords and payment accounts from various services, inject ads, and download new payloads

Read: https://thehackernews.com/2019/04/scranos-rootkit-spyware.html