🔒 Web security matters more than ever. Don't miss this eye-opening case study by Reflectiz, revealing the hidden risks of rogue pixels on websites.

Privacy violations can happen even without hacking.

Learn more: https://thehackernews.com/2023/10/the-danger-of-forgotten-pixels-on.html

Microsoft warns of Scattered Spider, a financially motivated hacking crew that infiltrates firms worldwide using SMS phishing, SIM swapping, and by posing as new employees, leading to data breaches and takeovers.

Find out more: https://thehackernews.com/2023/10/microsoft-warns-as-scattered-spider.html

⚠️ Alert — Researchers expose new "iLeakage" side-channel attack targeting iOS, iPadOS, and macOS devices running on Apple's A and M-series CPUs.

Discover how sensitive data can be extracted using this new Safari exploit.

Read: https://thehackernews.com/2023/10/ileakage-new-safari-exploit-impacts.html

⚡ Urgent — F5 warns of a critical vulnerability (CVE-2023-46747) in BIG-IP, allowing unauthenticated remote code execution.

Learn more: https://thehackernews.com/2023/10/f5-issues-warning-big-ip-vulnerability.html

🤖 Google expands Vulnerability Rewards Program to address vulnerabilities and attack scenarios tailored to generative artificial intelligence (AI) systems, while also strengthening the supply chain.

Learn more: https://thehackernews.com/2023/10/google-expands-its-bug-bounty-program.html

Continuous monitoring is key. Discover how Fidelis Security's Network Detection and Response (NDR) solutions offer real-time threat detection to help you stay ahead of cyber threats.

Read: https://thehackernews.com/2023/10/how-to-keep-your-business-running-in.html

🚨 North Korea's Lazarus Group strikes again. Discover how they hacked a software vendor using known security flaws.

Read more: https://thehackernews.com/2023/10/n-korean-lazarus-group-targets-software.html

Wiretapping attempt discovered on XMPP-based messaging service involving Hetzner and Linode hosting providers in Germany. Evidence points to a lawful foreign police request.

Learn more: https://thehackernews.com/2023/10/researchers-uncover-wiretapping-of-xmpp.html

🔒 Beware! A new cyber threat is using bogus MSIX Windows app packages for popular software like Google Chrome, Microsoft Edge, Brave, Grammarly, and Cisco Webex to spread a dangerous malware called GHOSTPULSE.

Learn more ➜ https://thehackernews.com/2023/10/hackers-using-msix-app-packages-to.html

🚨 Three new high-severity security flaws discovered in NGINX Ingress controller for Kubernetes. Hackers can steal secret credentials.

Learn more: https://thehackernews.com/2023/10/urgent-new-security-flaws-discovered-in.html

⚠️ Alert: EleKtra-Leak cryptojacking campaign is exploiting exposed AWS IAM credentials on public GitHub repositories.

Find details here: https://thehackernews.com/2023/10/elektra-leak-cryptojacking-attacks.html

ServiceNow exposes sensitive data due to misconfigurations. Learn how this could've jeopardized your business and the steps to ensure your data is secure.

Read more: https://thehackernews.com/2023/10/servicenow-data-exposure-wake-up-call.html

Join our expert panel of security veterans Emo Gokay, Multi-Cloud Security Engineer at EY Technologies and George Prichici, VP of products at OPSWAT, as they share insights and strategies gathered from the frontlines of securing critical infrastructure from advanced and persistent malware.

Join: https://thehackernews.com/2023/10/new-webinar-5-must-know-trends.html

⚡️ Pro-Hamas hacktivist group using a new Linux-based malware, BiBi-Linux Wiper, to target Israeli entities amid ongoing conflict.

Read: https://thehackernews.com/2023/10/pro-hamas-hacktivists-targeting-israeli.html

Meta is introducing a paid ad-free subscription for Facebook and Instagram in Europe to comply with data protection laws.

Read details here: https://thehackernews.com/2023/10/meta-launches-paid-ad-free-subscription.html

Canada bans WeChat and Kaspersky apps on government devices, citing privacy and security risks.

Read details: https://thehackernews.com/2023/10/canada-bans-wechat-and-kaspersky-apps.html

🤖 A malvertising scheme is using compromised websites to trick users into downloading malware-laden PyCharm promoted via Google Ads.

Read details: https://thehackernews.com/2023/10/trojanized-pycharm-software-version.html

⚠️ Alert! Atlassian warns of critical flaw (CVE-2023-22518) in Confluence Data Center and Server. Disconnect publicly accessible instances until patched to avoid data loss.

Learn more: https://thehackernews.com/2023/10/atlassian-warns-of-new-critical.html

🛡️ Penetration testing just got a major upgrade. See how PentestPad automates report generation, enhances real-time collaboration, and integrates with your favorite tools.

Read details: https://thehackernews.com/2023/10/pentestpad-platform-for-pentest-teams.html

⚠️ Alert: Cybersecurity experts uncover stealthy malware scheme in NuGet package manager. Discover how threat actors deploy SeroXen RAT through rogue packages.

Learn more: https://thehackernews.com/2023/10/malicious-nuget-packages-caught.html

Arid Viper, a cyber espionage group linked to Hamas, has been spotted targeting Arabic-speaking users with #Android spyware disguised as a dating app.

Learn more: https://thehackernews.com/2023/10/arid-viper-targeting-arabic-android.html