🤖 A malvertising scheme is using compromised websites to trick users into downloading malware-laden PyCharm promoted via Google Ads.

Read details: https://thehackernews.com/2023/10/trojanized-pycharm-software-version.html

⚠️ Alert! Atlassian warns of critical flaw (CVE-2023-22518) in Confluence Data Center and Server. Disconnect publicly accessible instances until patched to avoid data loss.

Learn more: https://thehackernews.com/2023/10/atlassian-warns-of-new-critical.html

🛡️ Penetration testing just got a major upgrade. See how PentestPad automates report generation, enhances real-time collaboration, and integrates with your favorite tools.

Read details: https://thehackernews.com/2023/10/pentestpad-platform-for-pentest-teams.html

⚠️ Alert: Cybersecurity experts uncover stealthy malware scheme in NuGet package manager. Discover how threat actors deploy SeroXen RAT through rogue packages.

Learn more: https://thehackernews.com/2023/10/malicious-nuget-packages-caught.html

Arid Viper, a cyber espionage group linked to Hamas, has been spotted targeting Arabic-speaking users with #Android spyware disguised as a dating app.

Learn more: https://thehackernews.com/2023/10/arid-viper-targeting-arabic-android.html

Russian-linked hacking group Turla evolves with an upgraded Kazuar backdoor—a multi-threaded, modular tool with extensive capabilities—focusing on anti-analysis, stealth, and evasion techniques.

Learn more: https://thehackernews.com/2023/11/turla-updates-kazuar-backdoor-with.html

🚨 ALERT: State-sponsored North Korean hackers are using a sneaky #macOS malware called KANDYKORN to target crypto engineers via Discord.

Learn more: https://thehackernews.com/2023/11/north-korean-hackers-tageting-crypto.html

🚨 Security Alert ➜ F5 warns of active exploitation of a critical flaw (CVE-2023-46747) in BIG-IP, enabling attackers to execute system commands.

Learn more: https://thehackernews.com/2023/11/alert-f5-warns-of-active-attacks.html

Protect your network—patch now!

Iranian threat actor "Scarred Manticore" has launched a year-long cyber espionage campaign targeting the Middle East finance, government, military, and telecom sectors.

Learn more: https://thehackernews.com/2023/11/iranian-cyber-espionage-group-targets.html

Are you an Amazon Web Services (AWS) customer or considering migrating to the cloud?

Then don't miss this #webinar!

Join XMCyber and AWS as we explore the top attack paths and most common #exposures in #AWS, and share best practices for efficiently mitigating these risks.

When: November 2nd, 2023

Register now: https://thn.news/NEhcd6fh

Meet "Prolific Puma," the secretive threat actor behind a dangerous link shortening service with thousands of malicious domains used for phishing and malware distribution.

Learn how this operation evades detection: https://thehackernews.com/2023/11/dns-abuse-exposes-prolific-pumas.html

🚨 Urgent: Thousands of internet-accessible ActiveMQ instances are at risk.

HelloKitty ransomware group is actively exploiting a critical Remote Code Execution (RCE) flaw, CVE-2023-46604, in Apache ActiveMQ.

Find details here ➡️ https://thehackernews.com/2023/11/hellokitty-ransomware-group-exploiting.html

📣 FIRST announces CVSS v4.0, the latest version of the Common Vulnerability Scoring System. Discover how this update addresses critical vulnerabilities.

Details here: https://thehackernews.com/2023/11/first-announces-cvss-40-new.html

🔐 Researchers uncover vulnerabilities in 34 Windows drivers that non-privileged hackers can exploit to take control of your device and execute code.

Read details: https://thehackernews.com/2023/11/researchers-find-34-windows-drivers.html

🕵️‍♂️ Iranian state-backed hackers, MuddyWater, has evolved its tactics. They're now using N-able's Advanced Monitoring Agent in their latest spear-phishing campaign.

Read details: https://thehackernews.com/2023/11/irans-muddywater-targets-israel-in-new.html

Simplify SaaS Security.

Discover, assess, and control your organization's SaaS usage with Wing Security's "Essential SSPM" tool. A freemium model that makes securing your cloud-based operations easy.

Read more: https://thehackernews.com/2023/11/saas-security-is-now-accessible-and.html

Mozi botnet's sudden drop in malicious activity traced back to a mysterious "kill switch."

Read more ➡️ https://thehackernews.com/2023/11/mysterious-kill-switch-disrupts-mozi.html

⚡ Alert: 48 malicious npm packages discovered. They can secretly compromise your system with a reverse shell.

Read details: https://thehackernews.com/2023/11/48-malicious-npm-packages-found.html

🚨 Beware: WhatsApp mods for #Android hiding a dangerous spyware, CanesSpy!

Your phone could be compromised without you knowing.

Find out more: https://thehackernews.com/2023/11/canesspy-spyware-discovered-in-modified.html

⚠️ ALERT: Cybercriminals are using compromised business accounts to lure victims with "revealing photos of young women," distributing NodeStealer malware.

Protect your account, read the full story: https://thehackernews.com/2023/11/nodestealer-malware-hijacking-facebook.html

Discover how predictive AI is shaping the future of cybersecurity. Learn how BlackBerry's Cylance AI is outperforming the competition in malware protection.

Read the article now: https://thehackernews.com/2023/11/predictive-ai-in-cybersecurity-outcomes.html