Researchers reveal 3-year cyber espionage campaign by China-linked Velvet Ant group, exploiting F5 BIG-IP for persistence and deploying PlugX malware variants.

Read details: https://thehackernews.com/2024/06/china-linked-hackers-infiltrate-east.html

ASUS releases crucial updates for multiple router models to address critical authentication bypass and buffer overflow vulnerabilities.

Read: https://thehackernews.com/2024/06/asus-patches-critical-authentication.html

Learn how integrating security early in DevOps with DevSecOps practices enhances productivity and ensures software integrity

Read: https://thehackernews.com/2024/06/what-is-devsecops-and-why-is-it.html

🚨 Major cybercrime busts!

1️⃣ Two extradited to Singapore for mobile malware, 4,000+ victims.

2️⃣ Taiwan arrests 4 for unauthorized bank transfers, $1.33M seized.

3️⃣ U.S. charges 2 for Empire Market, $430M in illegal trades.

Read: https://thehackernews.com/2024/06/singapore-police-extradites-malaysians.html

VMware has released patches for Cloud Foundation, vCenter Server, and vSphere ESXi to fix critical flaws that could allow RCE and privilege escalation.

Learn more about CVE-2024-37079, CVE-2024-37080 & CVE-2024-37081—and secure your infrastructure now.

https://thehackernews.com/2024/06/vmware-issues-patches-for-cloud.html

Researchers uncover a new malware campaign targeting exposed Docker API endpoints to deliver cryptocurrency miners and remote access tools.

Learn more: https://thehackernews.com/2024/06/new-malware-targets-exposed-docker-apis.html

Cybercriminals exploit free software lures, SEO tricks and social engineering tactics to deploy Hijack Loader, Vidar Stealer, and other malware, targeting unsuspecting users.

Read: https://thehackernews.com/2024/06/cybercriminals-exploit-free-software.html

EU's controversial proposal to scan private messages for CSAM detection raises alarms for end-to-end encryption.

Signal Foundation president warns of severe risks. Learn more: https://thehackernews.com/2024/06/signal-foundation-warns-against-eus.html

Explore the latest trends in SaaS security investment and challenges. Discover how enterprises are enhancing their security strategies to protect critical data and operations.

Read: https://thehackernews.com/2024/06/the-annual-saas-security-report-2025.html

🚨 Attention: Researchers uncover security flaws in the Mailcow mail server suite, affecting all versions prior to 2024-04.

These vulnerabilities allow for arbitrary code execution and admin account takeover.

Find details here: https://thehackernews.com/2024/06/mailcow-mail-server-flaws-expose.html

⚠️ Alert: A new large-scale scam by "markopolo" targets cryptocurrency users with malware-infected applications like Vortax to deliver information stealers such as Rhadamanthys, StealC, and Atomic #macOS Stealer.

🔗 Don't fall for it—get details: https://thehackernews.com/2024/06/warning-markopolos-scam-targeting.html

Void Arachne targets Chinese-speaking users with malicious VPN installers.

This sophisticated attack employs SEO poisoning and promotes compromised MSI files containing nudifiers, deepfake porno-generating software, and AI voice and facial technologies.

https://thehackernews.com/2024/06/void-arachne-uses-deepfakes-and-ai-to.html

Explore the dangers of Google Tag Manager misconfigurations with real-world examples.

Learn how to safeguard your data and comply with privacy laws.

Read: https://thehackernews.com/2024/06/new-case-study-unmanaged-gtm-tags.html

China-linked cyber espionage group UNC3886 exploits zero-day vulnerabilities in Fortinet, Ivanti, and VMware devices and evading detection with advanced techniques.

Discover how they operate: https://thehackernews.com/2024/06/chinese-cyber-espionage-group-exploits.html

⚡ Kraken exchange hacked: $3 Million stolen due to zero-day flaw. Researcher exploits bug, extorts company, refuses to return funds.

Read: https://thehackernews.com/2024/06/kraken-crypto-exchange-hit-by-3-million.html

Kraken working with law enforcement, calls actions criminal.

Discover the latest evasive malware loader, SquidLoader, targeting Chinese organizations via phishing emails. Learn about its advanced anti-analysis techniques and the ongoing threat of loader malware.

Details ➡️ https://thehackernews.com/2024/06/experts-uncover-new-evasive-squidloader.html

🔒 Fickle Stealer, a new Rust-based malware, and AZStealer, an open-source Python stealer, target sensitive data from crypto wallets, browsers, and more through multiple attack chains and exfiltration methods.

Learn more: https://thehackernews.com/2024/06/new-rust-based-fickle-malware-uses.html

Chinese-linked cyber espionage groups have been uncovered in a long-term infiltration of telecom operators in Asia since 2021, deploying custom malware and stealing credentials.

Read: https://thehackernews.com/2024/06/chinese-cyber-espionage-targets-telecom.html

Explore the challenges MSPs face with too many cybersecurity tools and discover how Guardz's unified platform simplifies operations and enhances security.

Read: https://thehackernews.com/2024/06/tool-overload-why-msps-are-still.html

Researchers uncover 'UEFIcanhazbufferoverflow' (CVE-2024-0762), a security flaw in Phoenix SecureCore UEFI firmware affecting multiple #Intel processor families.

Learn more: https://thehackernews.com/2024/06/researchers-uncover-uefi-vulnerability.html

U.S. bans Kaspersky software over national security concerns, citing Russian government ties. The ban extends to Kaspersky's affiliates, subsidiaries, and parent companies.

Learn about the ban's impact and Kaspersky's response: https://thehackernews.com/2024/06/us-bans-kaspersky-software-citing.html