GitHub's secret scanning just got even better! Now supporting AWS, Microsoft, Google, and Slack tokens, ensuring your code's safety.

Learn how to amp up your code security with this powerful feature:https://thehackernews.com/2023/10/githubs-secret-scanning-feature-now.html

🤖 Cyber Intrusion Alert! Semiconductor companies in East Asia are under attack.

Threat actors posing as TSMC deploy Cobalt Strike beacons via HyperBro backdoor.

Read now: https://thehackernews.com/2023/10/chinese-hackers-target-semiconductor.html

🔒 Strengthen your organization's security posture! Satori's UDPS offers real-time policy updates, non-intrusive encryption, and compatibility with diverse data platforms.

Learn how to safeguard your data effortlessly: https://thehackernews.com/2023/10/new-os-tool-tells-you-who-has-access-to.html

Cryptocurrency laundering hits $7 BILLION 💰

Report reveals Lazarus Group, tied to North Korea, involved in $900 million cross-chain bridge laundering spree. As mixers face scrutiny, crypto criminals shift tactics.

Read details: https://thehackernews.com/2023/10/north-koreas-lazarus-group-launders-900.html

⚡️ Gaza-based hacker group Storm-1133 targets Israeli energy, defense, and telecom.

Microsoft's report exposes tactics, including employing LinkedIn fakes & dynamic C2 infra on Google Drive.

Read: https://thehackernews.com/2023/10/gaza-linked-cyber-threat-actor-targets.html

🚨 Heads up, Developers! Curl library, backbone of data transfers, to address TWO security vulnerabilities on October 11, 2023.

Read: https://thehackernews.com/2023/10/security-patch-for-two-new-flaws-in.html

CVE-2023-38545 & CVE-2023-38546 pose risks; details under wraps.

🔐 Multiple high-severity vulnerabilities discovered in ConnectedIO's 3G/4G routers and cloud platform could let hackers execute malicious code and access sensitive data.

Get the details: https://thehackernews.com/2023/10/high-severity-flaws-in-connectedios.html

🚨 Heads up, senior executives! A new phishing campaign is on the rise, targeting Senior Executives in U.S. firms.

Read: https://thehackernews.com/2023/10/cybercriminals-using-evilproxy-phishing.html

Cybercriminals using EvilProxy to hijack accounts, specifically hitting banking, finance, insurance & manufacturing.

Ever dreamed in code? Moonlock Lab's #malware research engineer did, seeing 'MyHotKeyHandler,' 'Keylogger,' and 'macOS.'

#ChatGPT recreated the malicious code, revealing the risky world of AI jailbreaks and prompt engineering.

Learn how prompt injections make AI models go rogue: https://thehackernews.com/2023/10/i-had-dream-and-generative-ai-jailbreaks.html

📱 PEACHPIT alert! This ad fraud botnet, linked to China's BADBOX operation, targeted 15M+ Android & iOS users.

Learn how threat actors exploited devices for ad fraud and data theft: https://thehackernews.com/2023/10/peachpit-massive-ad-fraud-botnet.html

🔒 Hackers are exploiting the CVE-2023-3519 vulnerability in Citrix NetScaler devices for credential harvesting attacks.

Patch your systems ASAP! Read more: https://thehackernews.com/2023/10/citrix-devices-under-attack-netscaler.html

🚨 Heads up, Linux users! A new critical vulnerability in the libcue library exposes GNOME Linux systems to remote code execution (RCE) attacks.

Read details of CVE-2023-43641 here: https://thehackernews.com/2023/10/libcue-library-flaw-opens-gnome-linux.html

⚠️ Magecart strikes again with a new twist! Hackers are now hiding malicious code on the 404 error pages of compromised shopping sites to steal users' credit cards.

Read details here — https://thehackernews.com/2023/10/new-magecart-campaign-alters-404-error.html

A New APT Emerges: Grayling, an unknown player, targets IT, manufacturing, and biomedical sectors in Taiwan. Researchers reveal their distinctive techniques in the latest report.

Read: https://thehackernews.com/2023/10/researchers-uncover-grayling-apts.html

🔑 Default password-free sign-ins for everyone. Google introduces passkeys for all users, simplifying your online security.

Learn all about it: https://thehackernews.com/2023/10/google-adopts-passkeys-as-default-sign.html

🚨 Online risks to children are increasing.

Thorn's report reveals minors are sharing explicit images, sometimes coerced. Learn how tech is using "hashing and matching" to combat this online threat.

Read: https://thehackernews.com/2023/10/new-report-child-sexual-abuse-content.html

⚡ Beware of the HTTP/2 Rapid Reset attack!

A novel zero-day flaw is being exploited to launch record-breaking distributed DDoS attacks.

Find out more here: https://thehackernews.com/2023/10/http2-rapid-reset-zero-day.html

Learn how AWS, Cloudflare, and Google are addressing CVE-2023-44487.

🛑 A critical flaw (CVE-2023-22515) in Atlassian Confluence is being exploited by a nation-state actor, Storm-0062.

Read: https://thehackernews.com/2023/10/microsoft-warns-of-nation-state-hackers.html

Upgrade to the latest versions ASAP to safeguard your data and systems.

⚠️ Adobe Acrobat Reader users, beware! CISA adds high-severity flaw in Adobe Acrobat Reader to its Known Exploited Vulnerabilities list.

Read: https://thehackernews.com/2023/10/us-cybersecurity-agency-warns-of.html

Don't wait – update your software now.

🛡️ Microsoft's October 2023 Patch Tuesday: 103 new vulnerabilities addressed, including 2 zero-days and 13 critical ones.

Find details for CVE-2023-36563 and CVE-2023-41763 and other flaws here — https://thehackernews.com/2023/10/microsoft-releases-october-2023-patches.html

Update now to protect your systems.

🔐 Protect your organization's data! Password security is crucial. Discover the risks of password reuse and how to mitigate them with Specops Password Policy.

Read: https://thehackernews.com/2023/10/take-offensive-approach-to-password.html