Game over? In a dramatic turn of events, LockBitSupp, a key figure in the notorious LockBit ransomware operation, is "reportedly" cooperating with law enforcement.

Find details here: https://thehackernews.com/2024/02/authorities-claim-lockbit-admin.html

Cybercriminals are using Google's Cloud Run service to launch large-scale email phishing attacks, distributing banking trojans like Astaroth, Mekotio, and Ousaban.

Read: https://thehackernews.com/2024/02/banking-trojans-target-latin-america.html

🚨 LockBit ransomware operators are back online after a law enforcement takedown, blaming outdated software for the breach.

They are now calling for increased attacks on the government sector.

Find out more: https://thehackernews.com/2024/02/lockbit-ransomware-group-resurfaces.html

Fake npm packages traced back to North Korean hackers, aiming at developers with sophisticated credential-stealing scripts.

Learn more: https://thehackernews.com/2024/02/north-korean-hackers-targeting.html

Protect your projects—verify your dependencies now.

🤖 Think LLMs are foolproof? Think again! Hackers are exploiting them to steal sensitive data. Protect yourself – learn the latest LLM security risks and how to defend against them.

🔗 Learn more: https://thehackernews.com/2024/02/three-tips-to-protect-your-secrets-from.html

Over 8,000 subdomains belonging to recognized brands and organizations are being exploited for malicious email distribution.

Learn more: https://thehackernews.com/2024/02/8000-subdomains-of-trusted-brands.html

SPF, DKIM, DMARC – they're not enough. "ResurrecAds" is bypassing email security measures with alarming ease.

🚨 Malicious cyber campaign targets Ukrainian entities in Finland with Remcos RAT via IDAT Loader, utilizing rare steganography technique.

Learn more: https://thehackernews.com/2024/02/new-idat-loader-attacks-using.html

⚠️ Alert — Critical security flaw (CVE-2024-1071) found in Ultimate Member WordPress plugin used by 200k sites.

Read more: https://thehackernews.com/2024/02/wordpress-plugin-alert-critical-sqli.html

Update to version 2.8.3 to fix SQL injection vulnerability and prevent data breaches.

🤖 Security researchers have uncovered a new vulnerability in Hugging Face's Safetensors conversion service that could lead to supply chain attacks, compromising user-submitted models.

Read details: https://thehackernews.com/2024/02/new-hugging-face-vulnerability-exposes.html

🔒 Alert: Five Eyes agencies unveil latest tactics of Russian state-sponsored hacker group APT29, revealing advanced techniques in cybersecurity warfare.

Learn more: https://thehackernews.com/2024/02/five-eyes-agencies-expose-apt29s.html

🚨 ALERT - Open-source Xeno RAT available on GitHub with features like remote access, audio recording, & hidden VNC. Experts warn of rising RAT attacks.

Learn more: https://thehackernews.com/2024/02/open-source-xeno-rat-trojan-emerges-as.html

Patch your LiteSpeed Cache plugin for WordPress against CVE-2023-40000. This flaw could lead to unauthorized site takeover.

Click for details: https://thehackernews.com/2024/02/wordpress-litespeed-plugin.html

Ever wondered how SOC teams can sift through millions of alerts without missing a beat?

Discover how Threat Intelligence Platforms are revolutionizing SOC investigations and turning chaos into clarity.

Explore how to refine threat hunting: https://thehackernews.com/2024/02/from-alert-to-action-how-to-speed-up.html

🛡️ Is your Ubiquiti EdgeRouter safe? A joint advisory from cybersecurity and intelligence agencies reveals APT28's use of MooBot to exploit your devices.

Read the full advisory: https://thehackernews.com/2024/02/cybersecurity-agencies-warn-ubiquiti.html

Mexican users are under siege by a sophisticated cyberattack campaign using tax-themed phishing emails to plant "TimbreStealer," a data-snatching #malware.

Learn more: https://thehackernews.com/2024/02/timbrestealer-malware-spreading-via-tax.html

BlackCat ransomware is back - healthcare on high alert!

FBI, CISA, and HHS warn healthcare to guard against BlackCat. Ransomware groups escalate attacks using remote access vulnerabilities and custom tools.

Learn more: https://thehackernews.com/2024/02/fbi-warns-us-healthcare-sector-of.html

Is your cybersecurity strategy evolving? Traditional perimeter defenses are no longer enough. Discover how focusing on privileged users can transform your security posture.

Dive deeper into the shift ➜ https://thehackernews.com/2024/02/superusers-need-super-protection-how-to.html

Iranian hackers are using fake job offers to target Middle East industries, particularly in aerospace, aviation, and defense. The cyberattacks have been linked to threat group UNC1549, backed by Iran.

Learn more: https://thehackernews.com/2024/02/iran-linked-unc1549-hackers-target.html

🛑 Attention APT hunters! Chinese hacker groups UNC5325 & UNC3886 are exploiting Ivanti flaws (CVE-2024-21893 & CVE-2024-21887) to deploy persistent malware (LITTLELAMB.WOOLTEA, PITSTOP, PITDOG, PITJET, PITHOOK).

Learn more: https://thehackernews.com/2024/02/chinese-hackers-exploiting-ivanti-vpn.html

🍷 Fancy a glass of malware? New 'SPIKEDWINE' campaign lures European diplomats with fake wine-tasting invites, deploying the sophisticated WINELOADER backdoor.

Learn more: https://thehackernews.com/2024/02/new-backdoor-targeting-european.html

⚠️ Alert, developers! North Korean hackers uploaded malware to PyPI. Packages like pycryptoenv and pycryptoconf targeted typos in popular #encryption library.

Learn more: https://thehackernews.com/2024/02/lazarus-exploits-typos-to-sneak-pypi.html