🤖 Think LLMs are foolproof? Think again! Hackers are exploiting them to steal sensitive data. Protect yourself – learn the latest LLM security risks and how to defend against them.

🔗 Learn more: https://thehackernews.com/2024/02/three-tips-to-protect-your-secrets-from.html

Over 8,000 subdomains belonging to recognized brands and organizations are being exploited for malicious email distribution.

Learn more: https://thehackernews.com/2024/02/8000-subdomains-of-trusted-brands.html

SPF, DKIM, DMARC – they're not enough. "ResurrecAds" is bypassing email security measures with alarming ease.

🚨 Malicious cyber campaign targets Ukrainian entities in Finland with Remcos RAT via IDAT Loader, utilizing rare steganography technique.

Learn more: https://thehackernews.com/2024/02/new-idat-loader-attacks-using.html

⚠️ Alert — Critical security flaw (CVE-2024-1071) found in Ultimate Member WordPress plugin used by 200k sites.

Read more: https://thehackernews.com/2024/02/wordpress-plugin-alert-critical-sqli.html

Update to version 2.8.3 to fix SQL injection vulnerability and prevent data breaches.

🤖 Security researchers have uncovered a new vulnerability in Hugging Face's Safetensors conversion service that could lead to supply chain attacks, compromising user-submitted models.

Read details: https://thehackernews.com/2024/02/new-hugging-face-vulnerability-exposes.html

🔒 Alert: Five Eyes agencies unveil latest tactics of Russian state-sponsored hacker group APT29, revealing advanced techniques in cybersecurity warfare.

Learn more: https://thehackernews.com/2024/02/five-eyes-agencies-expose-apt29s.html

🚨 ALERT - Open-source Xeno RAT available on GitHub with features like remote access, audio recording, & hidden VNC. Experts warn of rising RAT attacks.

Learn more: https://thehackernews.com/2024/02/open-source-xeno-rat-trojan-emerges-as.html

Patch your LiteSpeed Cache plugin for WordPress against CVE-2023-40000. This flaw could lead to unauthorized site takeover.

Click for details: https://thehackernews.com/2024/02/wordpress-litespeed-plugin.html

Ever wondered how SOC teams can sift through millions of alerts without missing a beat?

Discover how Threat Intelligence Platforms are revolutionizing SOC investigations and turning chaos into clarity.

Explore how to refine threat hunting: https://thehackernews.com/2024/02/from-alert-to-action-how-to-speed-up.html

🛡️ Is your Ubiquiti EdgeRouter safe? A joint advisory from cybersecurity and intelligence agencies reveals APT28's use of MooBot to exploit your devices.

Read the full advisory: https://thehackernews.com/2024/02/cybersecurity-agencies-warn-ubiquiti.html

Mexican users are under siege by a sophisticated cyberattack campaign using tax-themed phishing emails to plant "TimbreStealer," a data-snatching #malware.

Learn more: https://thehackernews.com/2024/02/timbrestealer-malware-spreading-via-tax.html

BlackCat ransomware is back - healthcare on high alert!

FBI, CISA, and HHS warn healthcare to guard against BlackCat. Ransomware groups escalate attacks using remote access vulnerabilities and custom tools.

Learn more: https://thehackernews.com/2024/02/fbi-warns-us-healthcare-sector-of.html

Is your cybersecurity strategy evolving? Traditional perimeter defenses are no longer enough. Discover how focusing on privileged users can transform your security posture.

Dive deeper into the shift ➜ https://thehackernews.com/2024/02/superusers-need-super-protection-how-to.html

Iranian hackers are using fake job offers to target Middle East industries, particularly in aerospace, aviation, and defense. The cyberattacks have been linked to threat group UNC1549, backed by Iran.

Learn more: https://thehackernews.com/2024/02/iran-linked-unc1549-hackers-target.html

🛑 Attention APT hunters! Chinese hacker groups UNC5325 & UNC3886 are exploiting Ivanti flaws (CVE-2024-21893 & CVE-2024-21887) to deploy persistent malware (LITTLELAMB.WOOLTEA, PITSTOP, PITDOG, PITJET, PITHOOK).

Learn more: https://thehackernews.com/2024/02/chinese-hackers-exploiting-ivanti-vpn.html

🍷 Fancy a glass of malware? New 'SPIKEDWINE' campaign lures European diplomats with fake wine-tasting invites, deploying the sophisticated WINELOADER backdoor.

Learn more: https://thehackernews.com/2024/02/new-backdoor-targeting-european.html

⚠️ Alert, developers! North Korean hackers uploaded malware to PyPI. Packages like pycryptoenv and pycryptoconf targeted typos in popular #encryption library.

Learn more: https://thehackernews.com/2024/02/lazarus-exploits-typos-to-sneak-pypi.html

U.S. President Biden signs Executive Order to prevent mass data transfers—from biometric to financial data—to 'countries of concern' due to #privacy and national security risks.

Read details here: https://thehackernews.com/2024/02/president-biden-blocks-mass-transfer-of.html

🔐 Data privacy is no longer a maybe, it's a must!

Discover how a CDP can help you ethically personalize customer experiences while complying with regulations.

Join our webinar to discover the secrets of first-party data: https://thehackernews.com/2024/02/building-your-privacy-compliant.html

⚠️ Lazarus Group hackers found exploiting a Windows kernel zero-day vulnerability (CVE-2024-21338) weeks after a patch was released, allowing them to gain system-level control and disable security software on targeted systems.

Details here: https://thehackernews.com/2024/02/lazarus-hackers-exploited-windows.html

Beware! A new 🐧 Linux malware called "GTPDOOR" has been discovered that targets 📡 telecom networks and leverages the 🛜 GPRS Tunneling Protocol (GTP) for command-and-control (C2) communications.

Read details here: https://thehackernews.com/2024/02/gtpdoor-linux-malware-targets-telecoms.html