North Korea-linked Lazarus Group targeted a South Korean financial firm by exploiting a zero-day vulnerability in certificate software.

Learn more: https://thehackernews.com/2023/03/lazarus-group-exploits-zero-day.html

⚡ Severe flaws have been uncovered in the popular Jenkins Automation Server, affecting all versions prior to 2.319.2.

Dubbed "CorePlague," the flaws could lead to code execution attacks and potentially compromise your server completely.

https://thehackernews.com/2023/03/jenkins-security-alert-new-security.html

🚨Attention! Fortinet has released security patches for 15 new flaws, including a critical vulnerability (CVE-2023-25610) affecting FortiOS and FortiProxy that could allow attackers to take control of affected systems.

Details: https://thehackernews.com/2023/03/new-critical-flaw-in-fortios-and.html

8220 Gang hackers are now using a new weapon in their arsenal — ScrubCrypt Crypter — to carry out cryptojacking attacks by exploiting the Oracle WebLogic vulnerability.

Read details: https://thehackernews.com/2023/03/new-scrubcrypt-crypter-used-in.html

Iranian hacking group is posing as a U.S. think tank to target women involved in Middle East political affairs and human rights.

Learn more: https://thehackernews.com/2023/03/iranian-hackers-target-women-involved.html

⚠️Heads up, folks! IceFire, a Windows-based ransomware strain, is now targeting Linux-powered enterprise networks by exploiting a vulnerability in IBM Aspera Faspex file-sharing software.

Learn more: https://thehackernews.com/2023/03/icefire-linux-ransomware.html

Researchers warn of security vulnerabilities in remote desktop programs such as Sunlogin and AweSun being exploited by threat actors to deploy the PlugX malware.

Read details: https://thehackernews.com/2023/03/hackers-exploiting-remote-desktop.html

North Korean hackers using new malware families to target media and technology organizations in the U.S. and Europe.

Learn more: https://thehackernews.com/2023/03/north-korean-unc2970-hackers-expands.html

Cybersecurity experts are warning about a new variant of the Android banking trojan, Xenomorph, which has surfaced with new capabilities to target more than 400 banking and financial institutions.

Read: https://thehackernews.com/2023/03/xenomorph-android-banking-trojan.html

A new China-linked hacking campaign has been observed targeting unpatched devices to drop malware and establish long-term persistence.

Read details: https://thehackernews.com/2023/03/china-linked-hackers-targeting.html

👏 International law enforcement authorities shut down the online infrastructure of the cross-platform NetWire RAT and arrested a Croatian national believed to be the site's administrator.

Learn more: https://thehackernews.com/2023/03/international-law-enforcement-takes.html

Heads up! An updated version of the Prometei modular malware has infected over 10,000 systems globally since Nov 2022 in Brazil, Indonesia, and Turkey.

Learn more: https://thehackernews.com/2023/03/new-version-of-prometei-botnet-infects.html

🚨 Attention all! Malware downloader BATLOADER has been found abusing Google Ads to deliver secondary payloads like Vidar Stealer and Ursnif.

Learn more: https://thehackernews.com/2023/03/batloader-malware-uses-google-ads-to.html

Dark Pink APT actor is back in action, using the KamiKakaBot malware to target government and military entities in Southeast Asia.

Learn more: https://thehackernews.com/2023/03/kamikakabot-malware-used-in-latest-dark.html

Knock knock, who's there? Akuvox E11. And apparently, a dozen security flaws too! 😱

Check out this article to learn more: https://thehackernews.com/2023/03/researchers-uncover-over-dozen-security.html

Beware of AI-generated YouTube videos! Threat actors are using them to spread stealer malware like Raccoon, RedLine, and Vidar.

Learn more: https://thehackernews.com/2023/03/warning-ai-generated-youtube-video.html

Cyber criminals are using fake ChatGPT-branded Chrome extensions to distribute malware and hijack Facebook accounts.

Learn more: https://thehackernews.com/2023/03/fake-chatgpt-chrome-extension-hijacking.html

A malicious cyber operation has been targeting websites aimed at East Asian audiences and redirecting visitors to adult-themed content.

Learn more: https://thehackernews.com/2023/03/large-scale-cyber-attack-hijacks-east.html

Fortinet researchers have discovered an advanced and highly targeted threat actor that is exploiting a zero-day security vulnerability (CVE-2022-41328) in FortiOS. This flaw could potentially result in the execution of arbitrary code.

Learn more: https://thehackernews.com/2023/03/fortinet-fortios-flaw-exploited-in.html

🚨 Heads up, everyone!

Cybercriminal group DEV-1101 is using an open-source AiTM phishing kit to launch attacks at scale. It can bypass MFA protections and steal passwords and session cookies.

Learn more about this: https://thehackernews.com/2023/03/microsoft-warns-of-large-scale-use-of.html

GoBruteforcer, a new Golang-based malware, is using brute-force attacks to target web servers running phpMyAdmin, MySQL, FTP, and Postgres.

Learn more: https://thehackernews.com/2023/03/gobruteforcer-new-golang-based-malware.html