🚨 Attention: Researchers uncover security flaws in the Mailcow mail server suite, affecting all versions prior to 2024-04.

These vulnerabilities allow for arbitrary code execution and admin account takeover.

Find details here: https://thehackernews.com/2024/06/mailcow-mail-server-flaws-expose.html

⚠️ Alert: A new large-scale scam by "markopolo" targets cryptocurrency users with malware-infected applications like Vortax to deliver information stealers such as Rhadamanthys, StealC, and Atomic #macOS Stealer.

🔗 Don't fall for it—get details: https://thehackernews.com/2024/06/warning-markopolos-scam-targeting.html

Void Arachne targets Chinese-speaking users with malicious VPN installers.

This sophisticated attack employs SEO poisoning and promotes compromised MSI files containing nudifiers, deepfake porno-generating software, and AI voice and facial technologies.

https://thehackernews.com/2024/06/void-arachne-uses-deepfakes-and-ai-to.html

Explore the dangers of Google Tag Manager misconfigurations with real-world examples.

Learn how to safeguard your data and comply with privacy laws.

Read: https://thehackernews.com/2024/06/new-case-study-unmanaged-gtm-tags.html

China-linked cyber espionage group UNC3886 exploits zero-day vulnerabilities in Fortinet, Ivanti, and VMware devices and evading detection with advanced techniques.

Discover how they operate: https://thehackernews.com/2024/06/chinese-cyber-espionage-group-exploits.html

⚡ Kraken exchange hacked: $3 Million stolen due to zero-day flaw. Researcher exploits bug, extorts company, refuses to return funds.

Read: https://thehackernews.com/2024/06/kraken-crypto-exchange-hit-by-3-million.html

Kraken working with law enforcement, calls actions criminal.

Discover the latest evasive malware loader, SquidLoader, targeting Chinese organizations via phishing emails. Learn about its advanced anti-analysis techniques and the ongoing threat of loader malware.

Details ➡️ https://thehackernews.com/2024/06/experts-uncover-new-evasive-squidloader.html

🔒 Fickle Stealer, a new Rust-based malware, and AZStealer, an open-source Python stealer, target sensitive data from crypto wallets, browsers, and more through multiple attack chains and exfiltration methods.

Learn more: https://thehackernews.com/2024/06/new-rust-based-fickle-malware-uses.html

Chinese-linked cyber espionage groups have been uncovered in a long-term infiltration of telecom operators in Asia since 2021, deploying custom malware and stealing credentials.

Read: https://thehackernews.com/2024/06/chinese-cyber-espionage-targets-telecom.html

Explore the challenges MSPs face with too many cybersecurity tools and discover how Guardz's unified platform simplifies operations and enhances security.

Read: https://thehackernews.com/2024/06/tool-overload-why-msps-are-still.html

Researchers uncover 'UEFIcanhazbufferoverflow' (CVE-2024-0762), a security flaw in Phoenix SecureCore UEFI firmware affecting multiple #Intel processor families.

Learn more: https://thehackernews.com/2024/06/researchers-uncover-uefi-vulnerability.html

U.S. bans Kaspersky software over national security concerns, citing Russian government ties. The ban extends to Kaspersky's affiliates, subsidiaries, and parent companies.

Learn about the ban's impact and Kaspersky's response: https://thehackernews.com/2024/06/us-bans-kaspersky-software-citing.html

⚠️ Alert: SolarWinds Serv-U vulnerability (CVE-2024-28995) is under active exploitation. Urgent update required to protect sensitive data from unauthorized access.

Learn more: https://thehackernews.com/2024/06/solarwinds-serv-u-vulnerability-under.html

🚨 Searching for Google Chrome or Microsoft Teams? Be cautious!

Cybercriminals are exploiting search engines to redirect users to fake websites & distribute trojanized versions of popular apps to spread the Oyster #malware.

Read: https://thehackernews.com/2024/06/oyster-backdoor-spreading-via.html

📁 Beware of ZIP files!

Discover how a new phishing campaign targets Pakistan using military-themed emails to spread PHANTOM#SPIKE, a custom backdoor granting remote system access.

Learn more: https://thehackernews.com/2024/06/military-themed-emails-used-to-spread.html

🚨 New Threat Alert!

Chinese-speaking SneakyChef hackers are targeting government entities worldwide and AI-focused organizations with sophisticated SugarGh0st and SpiceRAT malware.

Get the latest insights — https://thehackernews.com/2024/06/chinese-hackers-deploy-spicerat-and.html

Discover the power of SOC Automation Capability Matrix for cybersecurity incident response and workflow automation. Perfect for enhancing your security operations.

Read: https://thehackernews.com/2024/02/how-to-use-tiness-soc-automation.html

U.S. Treasury sanctions 12 Kaspersky executives following Commerce Department's ban on Kaspersky software in the U.S. The company and CEO remain unaffected.

Learn more: https://thehackernews.com/2024/06/us-treasury-sanctions-12-kaspersky.html

🚨 Beware: A new adware, AdsExhaust, is targeting Meta Quest app seekers with malicious downloads, manipulating browsers, and generating unauthorized revenue through sophisticated techniques.

Read: https://thehackernews.com/2024/06/warning-new-adware-campaign-targets.html

New cybercrime gang ExCobalt targets Russian organizations with sophisticated GoRed backdoor.

Explore their tactics: https://thehackernews.com/2024/06/excobalt-cyber-gang-targets-russian.html

Cyber espionage groups are using Rafel RAT, an open-source Android tool, disguised as popular apps like Instagram, WhatsApp, and more. This malware conducts data theft and device manipulation.

Read: https://thehackernews.com/2024/06/iranian-hackers-deploy-rafel-rat-in.html