🚨 Hackers could take control of your LG Smart TV – Multiple security vulnerabilities have been uncovered in LG webOS, allowing unauthorized access.

Get the details and check if you need the update 👇
https://thehackernews.com/2024/04/researchers-discover-lg-smart-tv.html

Did you know that 80% of app security issues stem from outdated dependencies?

Join Justin Clareburt, Product Owner at Mend Renovate, for a live session on April 17th. Discover how automated dependency updates can keep your apps modern, secure, and bug-free.

Register now: https://thn.news/updating-dependencies-webinar

⚠️ Researchers uncover Starry Addax, a sophisticated threat actor targeting human rights activists in Morocco & the Western Sahara region with fake #Android apps & Windows login pages.

Learn more: https://thehackernews.com/2024/04/hackers-targeting-human-rights.html

🕵️‍♂️ RUBYCARP, a sophisticated hacker group suspected to be from Romania and active for over a decade, has been discovered operating a long-standing botnet for cryptocurrency mining, DDoS, and phishing attacks.

Details: https://thehackernews.com/2024/04/10-year-old-rubycarp-romanian-hacker.html

⚠️ Attention Developers: A severe vulnerability (CVE-2024-24576) in the Rust standard library could lead to command injection attacks on Windows systems.

https://thehackernews.com/2024/04/critical-batbadbut-rust-vulnerability.html

CVSS score of 10.0. Patch any apps using vulnerable Rust versions ASAP!

🔥 Urgent Patch Alert!

Microsoft releases a massive patch for April 2024, fixing a record 149 flaws. Two vulnerabilities are ALREADY under attack.

https://thehackernews.com/2024/04/microsoft-fixes-149-flaws-in-huge-april.html

Update your systems NOW.

Researchers found the "first native Spectre v2 exploit" targeting Linux kernel on Intel systems, bypassing existing memory leak protections and privilege escalation defenses.

Read details here: https://thehackernews.com/2024/04/researchers-uncover-first-native.html

Misconfigured systems? Forgotten accounts? These are like secret tunnels for hackers into your systems.

Want to find these hidden security weaknesses? Join our FREE webinar: "Top 4 Identity Security Threat Exposures: Are You Vulnerable?"

Save your spot: https://thehackernews.com/2024/04/webinar-learn-how-to-stop-hackers-from.html

⚠️ BEWARE: Hackers are exploiting GitHub's search feature—using popular names and boosting rankings with fake stars—to lure developers into downloading #malware-infected repositories.

https://thehackernews.com/2024/04/beware-githubs-fake-popularity-scam.html

⚠️ Researchers uncover a fresh wave of the Raspberry Robin campaign spreading malware through malicious Windows Script Files (WSFs) since March 2024.

Read more about this evolving threat: https://thehackernews.com/2024/04/raspberry-robin-returns-new-malware.html

Active Android spyware campaign 'eXotic Visit' targeting users in India and Pakistan.

Fake messaging apps like "ChitChat" and "Alpha Chat" actually contain the trojan.

https://thehackernews.com/2024/04/exotic-visit-spyware-campaign-targets.html

Bad news: Some of these apps were on Google Play.

🚨 Urgent security warning - If you use FortiClientLinux, update immediately. Critical vulnerability could let attackers run code on your system.

Patch now, get the details here: https://thehackernews.com/2024/04/fortinet-has-released-patches-to.html

🛡️ Apple's updated Spyware Alert System now warns individual users of potential targeting by mercenary spyware attacks.

Details here 👉 https://thehackernews.com/2024/04/apple-expands-spyware-alert-system-to.html

🚨 TA547 hacker group adopts new tactics, possibly harnessing the power of generative AI, to deploy the Rhadamanthys info stealer in attacks on German organizations.

Find details here: https://thehackernews.com/2024/04/ta547-phishing-attack-hits-german-firms.html

The question you need to ask: Are you affected by the XZ Util Backdoor?

Prevent future risks and make sure you have a defense-in-depth strategy using Wiz CDR and runtime sensor.

See Wiz in Action: https://thn.news/wiz-cloud-security

😱 Yikes! Did you know that over 11,000 secrets (passwords, API keys...) were leaked on the Python repository PyPI, and over 12.8 million on GitHub in 2023?

GitGuardian's findings are alarming - read the details: https://thehackernews.com/2024/04/gitguardian-report-pypi-secrets.html

🚨 Urgent - CISA issues emergency directive urging federal agencies to analyze compromised emails and ramp up cybersecurity measures following the recent compromise of Microsoft's systems by a Russian nation-state group.

Details > https://thehackernews.com/2024/04/us-federal-agencies-ordered-to-hunt-for.html

🚨 E-commerce website owners and admins – BEWARE!

Reseachers uncover a credit card skimmer hidden within a bogus Meta Pixel tracker script.

Check your website's security now: https://thehackernews.com/2024/04/sneaky-credit-card-skimmer-disguised-as.html

🛑 URGENT - Critical zero-day security vulnerability (CVE-2024-3400) discovered in Palo Alto Networks firewalls.

Hackers are already exploiting it in the wild, enabling them "to execute arbitrary code with root privileges."

Details👇 https://thehackernews.com/2024/04/zero-day-alert-critical-palo-alto.html

MuddyWater's new C2 infrastructure, DarkBeatC2, has been spotted in the wild, targeting Israeli institutions with a fresh attack campaign.

Read: https://thehackernews.com/2024/04/iranian-muddywater-hackers-adopt-new-c2.html

Software systems have a hidden world of 'non-human' identities... think of them like API keys on steroids.

Learn how to protect your systems from attacks targeting these identities: https://thehackernews.com/2024/04/code-keepers-mastering-non-human.html