VMware has released security updates to address a critical RCE vulnerability (CVE-2021-39144) affecting the VMware Cloud Foundation product.

Read: https://thehackernews.com/2022/10/vmware-releases-patch-for-critical-rce.html

Hackers behind the RomCom RAT malware have been observed using malicious versions of popular apps to attack Ukrainian military institutions.

Read: https://thehackernews.com/2022/10/romcom-hackers-circulating-malicious.html

A 26-year-old Ukrainian national has been charged in the U.S. for his alleged role in the Raccoon Stealer malware-as-a-service (MaaS) operation.

Read: https://thehackernews.com/2022/10/us-charges-ukrainian-hacker-over-role.html

North Korean cyber espionage group Kimsuky has been observed deploying three new Android malware strains (FastFire, FastViewer, and FastSpy) to attack users in its southern counterpart.

Read: https://thehackernews.com/2022/10/kimsuky-hackers-spotted-using-3-new.html

Researchers have uncovered a new cryptojacking campaign targeting vulnerable Docker and Kubernetes infrastructures as part of opportunistic attacks to illicitly mine cryptocurrency.

Read: https://thehackernews.com/2022/10/new-cryptojacking-campaign-targeting.html

Australian health insurance company Medibank announced that the personal data of all 3.9 million customers had been unauthorizedly accessed following a recent ransomware attack.

Read: https://thehackernews.com/2022/10/australian-health-insurer-medibank.html

Researchers detail a recently reported vulnerability, dubbed “SiriSpy,” in Apple's iOS and macOS devices that could have allowed apps to eavesdrop on users' conversations with Siri.

Read: https://thehackernews.com/2022/10/apple-ios-and-macos-flaw-couldve-let.html

Researchers have uncovered over 80 command-and-control (C2) servers associated with the ShadowPad malware.

Read: https://thehackernews.com/2022/10/researchers-expose-over-80-shadowpad.html

U.S. government has charged a 34-year-old British hacker with running a dark web marketplace called "The Real Deal" that sold hacking tools and stolen credentials.

Read: https://thehackernews.com/2022/10/british-hacker-charged-for-operating.html

Raspberry Robin worm infected nearly 3,000 devices in nearly 1,000 organizations, allowing other cybercriminals to deploy malware such as IcedID, Bumblebee, TrueBot, and Clop ransomware.

Read: https://thehackernews.com/2022/10/raspberry-robin-operators-selling.html

⚡ Google is rolling out an emergency update for the Chrome browser to patch an actively exploited zero-day vulnerability (CVE-2022-3723).

Read: https://thehackernews.com/2022/10/google-issues-urgent-chrome-update-to.html

Cyber espionage group Cranefly uses stealthy tactics to target employees dealing with corporate transactions.

Read: https://thehackernews.com/2022/10/researchers-uncover-stealthy-techniques.html

5 malicious Android dropper apps with over 130,000 cumulative installs have been discovered in the Google Play Store, spreading banking trojans like SharkBot and Vultur to steal users' financial data and perform on-device fraud.

Read: https://thehackernews.com/2022/10/these-dropper-apps-on-play-store.html

Researchers have uncovered several serious vulnerabilities in Juniper Networks devices, some of which could be exploited for code execution.

Read: https://thehackernews.com/2022/10/high-severity-flaws-in-juniper-junos-os.html

Communication services provider Twilio disclosed another security incident involving the same threat actor behind the August hack.

Read: https://thehackernews.com/2022/10/twilio-reveals-another-breach-from-same.html

Researchers describe a recently reported vulnerability in Samsung's Galaxy Store app that could have enabled attackers to install and/or launch malicious apps and potentially carry out remote attacks.

Read: https://thehackernews.com/2022/10/samsung-galaxy-store-bug-couldve-let.html

An unofficial patch has been made available for an actively exploited vulnerability in Microsoft Windows that allows files signed with malformed signatures to bypass Mark-of-the-Web (MotW) protection.

Read: https://thehackernews.com/2022/10/unofficial-patch-released-for-new.html

GitHub patched a new high-severity repojacking bug that could have allowed attackers to access other users' repositories and perform supply chain attacks.

Read: https://thehackernews.com/2022/10/github-repojacking-bug-couldve-allowed.html

Hackers behind the Fodcha distributed denial-of-service (DDoS) botnet has resurfaced with new capabilities.

Read: https://thehackernews.com/2022/10/fodcha-ddos-botnet-resurfaces-with-new.html

A critical vulnerability (CVE-2022-36537) has been reported and patched in ConnectWise R1Soft Server Backup Manager software that could lead to remote code execution and supply chain attacks.

Read: https://thehackernews.com/2022/11/critical-rce-vulnerability-reported-in.html

Chinese state-sponsored hackers have been observed employing a new stealthy infection chain in their LODEINFO malware attacks targeting Japanese entities.

Read: https://thehackernews.com/2022/11/chinese-hackers-using-new-stealthy.html