🔒 Exclusive Webinar Alert!

Zero Trust Security: Your ultimate shield against sophisticated cyberattacks. Find out how to lock down your data and stop data breaches.

Reserve your spot in this must-attend webinar now: https://thehacker.news/zero-trust-attack-surface?source=social

🚨 Ransomware roars back! 55.5% surge in victims in 2023, but LockBit isn't the only king anymore.

Meet 3AM, Rhysida, and Akira - rising stars you need to know.

Read the latest Ransomware Report: https://thehackernews.com/2024/01/3-ransomware-group-newcomers-to-watch.html

⚠️ Windows users, beware!

Cybercriminals are weaponizing the CVE-2023-36025 Windows vulnerability to deploy "Phemedrone Stealer," an open-source data stealer, that targets browsers, crypto wallets, and chat apps.

Learn more: https://thehackernews.com/2024/01/hackers-weaponize-windows-flaw-to.html

Over 137,000 people lost cryptocurrency to Inferno Drainer, a malware-as-a-service scam operating for a year.

It siphoned $87 million in crypto by mimicking Web3 brands such as Seaport, Coinbase, and WalletConnect.

Read the full story: https://thehackernews.com/2024/01/inferno-malware-masqueraded-as-coinbase.html

🔒 Did you know a simple cookie misconfiguration can cost millions in fines?

See how a major retailer's overlooked issue nearly led to a privacy disaster. Discover the critical missteps and how to avoid them: https://thehackernews.com/2024/01/case-study-cookie-privacy-monster-in.html

Beware! Remcos RAT, a stealthy remote access trojan, is now spreading in South Korea disguised as adult-themed games via webhards.

Discover how this advanced malware operates ➡️ https://thehackernews.com/2024/01/remcos-rat-spreading-through-adult.html

PATCH Now — More than 178,000 SonicWall firewalls remain exposed to the potentially devastating CVE-2022-22274 and CVE-2023-0656 security flaws.

These vulnerabilities open the door to DoS and RCE attacks.

Learn more: https://thehackernews.com/2024/01/alert-over-178000-sonicwall-firewalls.html

🔥 Chrome Zero-Day Alert!

Update your browser NOW to patch a new critical flaw exploited by hackers. This memory leak bug lets attackers steal your secrets.

Learn more about CVE-2024-0519:

https://thehackernews.com/2024/01/zero-day-alert-update-chrome-now-to-fix.html

More Zero-Days !!!

✅ Citrix fixes critical RCE flaws (CVE-2023-6548, CVE-2023-6549) exploited in wild.

✅ VMware Aria Automation bug (CVE-2023-34063) allows attacker control.

✅ Atlassian issues fixes for 24+ flaws, including RCE.

Patch, Update ASAP: https://thehackernews.com/2024/01/citrix-vmware-and-atlassian-hit-with.html

🚨 GitHub fixes high-severity bug (CVE-2024-0200) that could've exposed your credentials in production containers.

Your keys have been rotated — Import new ones for commit signing, Actions, Codespaces, or Dependabot.

Details here: https://thehackernews.com/2024/01/github-rotates-keys-after-high-severity.html

🕵️‍♂️ Discover how a simple 'Shutdown.log' file on your iPhone could be the key to identifying the presence of notorious spyware, including Pegasus, QuaDream's Reign, and Intellexa's Predator.

Find out how: https://thehackernews.com/2024/01/new-ishutdown-method-exposes-hidden.html

🚨 Alert: CISA & FBI warn of a growing AndroxGh0st botnet targeting AWS, Microsoft Office 365, SendGrid, and Twilio credentials.

Key details inside: https://thehackernews.com/2024/01/feds-warn-of-androxgh0st-botnet.html

Don't be the next victim; patch your Laravel servers NOW.

"Mind Sandstorm," an Iranian cyber espionage group, has targeted experts in Middle Eastern affairs across several countries.

This sophisticated cyber threat uses unique social engineering tactics to infiltrate systems.

Read: https://thehackernews.com/2024/01/iranian-hackers-masquerades-as.html

Popular PAX PoS systems used in countless stores worldwide are vulnerable to crippling attacks.

Hackers could hijack transactions, steal data, and wreak havoc.

Are you patched? Read the full story: https://thehackernews.com/2024/01/pax-pos-terminal-flaw-could-allow.html

99.7% of orgs use AI-powered SaaS. Your favorite productivity apps might be quietly learning from your data & code.

Wing Security's free discovery tool exposes the hidden AI in your SaaS & lets you take back control.

Learn more: https://thehackernews.com/2024/01/combating-ip-leaks-into-ai-applications.html

🔒 Multiple vulnerabilities, called "PixieFail," found in UEFI firmware used by major manufacturers like AMI and Intel. Attackers can exploit these vulnerabilities to gain control, steal data, or cause damage.

Details ➡️ https://thehackernews.com/2024/01/pixiefail-uefi-flaws-expose-millions-of.html

Remember those annoying texts you keep approving? They might be hacker traps!

Learn about MFA spamming and expert tips ➡️ https://thehackernews.com/2024/01/mfa-spamming-and-fatigue-when-security.html

⚠️ Developers, beware! Hackers can poison AI models and software. Vulnerabilities found in TensorFlow CI/CD pipeline allow #malware upload and token theft.

Learn about the AI/ML threat: https://thehackernews.com/2024/01/tensorflow-cicd-flaw-exposed-supply.html

Russian Spy Group Now Deploying Custom "SPICA" Backdoor!

TAG exposes COLDRIVER's evolution from phishing to malware attacks targeting Ukraine, NATO, and beyond.

Learn their sneaky tactics: https://thehackernews.com/2024/01/russian-coldriver-hackers-expand-beyond.html

A new attack targets Docker servers and uses a combo of cryptocurrency mining and website traffic generation for profit. It could leave a backdoor for attackers to exploit later.

Patch your systems and monitor for suspicious activity: https://thehackernews.com/2024/01/new-docker-malware-steals-cpu-for.html

🆘 Patch your Ivanti ASAP! CISA urges action, especially for government agencies.

A critical flaw (CVE-2023-35082) in Ivanti EPMM is being exploited in the wild, giving attackers access to your data.

Don't wait, read more: https://thehackernews.com/2024/01/us-cybersecurity-agency-warns-of.html