⚠️ GitLab has patched a critical vulnerability (CVE-2024-6385) with a CVSS score of 9.6, allowing attackers to run pipeline jobs as any user.

Also, Citrix updates for CVE-2024-6235, & Broadcom addresses flaws in VMware Cloud Director (CVE-2024-22277) & Aria Automation (CVE-2024-22280).

Learn more: https://thehackernews.com/2024/07/gitlab-patches-critical-flaw-allowing.html

Don't wait – secure your development environment now.

A recently disclosed security flaw in PHP (CVE-2024-4577) is being exploited by multiple threat actors to deploy remote access trojans, cryptocurrency miners, and DDoS botnets.

Learn more https://thehackernews.com/2024/07/php-vulnerability-exploited-to-spread.html

⚠️ A new phishing campaign is spreading Poco RAT malware among Spanish-speaking sectors, including utilities and manufacturing.

Details here: https://thehackernews.com/2024/07/new-poco-rat-targets-spanish-speaking.html

🔍 Analysts note the malware's unique focus on anti-analysis and C2 activities, making it harder to detect.

APT41 is suspected of using an advanced version of StealthVector, called DodgeBox, to deliver a new backdoor named MoonWalk.

Understanding the advanced evasion techniques used by DodgeBox is essential for maintaining robust cybersecurity.

Read: https://thehackernews.com/2024/07/chinese-apt41-upgrades-malware-arsenal.html

🚨 Developers, be cautious! New wave of malicious packages found in NuGet!

Hackers are using IL Weaving to inject malicious code into legitimate binaries, embedding remote access trojans in popular packages.

Read: https://thehackernews.com/2024/07/60-new-malicious-packages-uncovered-in.html

⚠️ Urgent: Palo Alto Networks has rolled out critical security updates to fix five vulnerabilities, including CVE-2024-5910, a severe authentication bypass flaw (CVSS 9.3).

Learn more: https://thehackernews.com/2024/07/palo-alto-networks-patches-critical.html

These updates affect multiple PAN-OS versions and Prisma Access.

As cybercriminals target smaller firms, affordable Privileged Access Management (PAM) solutions are essential for safeguarding sensitive data.

PAM reduces insider threats and ensures compliance with regulations like GDPR and HIPAA.

Learn more: https://thehackernews.com/2024/07/streamlined-security-solutions-pam-for.html

Alert: U.S. authorities disrupt major Russian influence operation using AI. The campaign targeted multiple countries and exploited social media platform vulnerabilities.

Learn more: https://thehackernews.com/2024/07/us-seizes-domains-used-by-ai-powered.html

AT&T confirms massive data breach affecting "nearly all" wireless customers. This impacts millions, potentially exposing call records and location data.

Learn more: https://thehackernews.com/2024/07/at-confirms-data-breach-affecting.html

This data could be a goldmine for cybercriminals planning targeted attacks.

🔥 Compromised credentials are now the #1 attack vector in 2024!

Every set of credentials is a potential entry point for attackers. This makes securing them more important than ever.

Learn more in this exclusive Expert-led webinar: https://thehackernews.com/2024/07/ever-wonder-how-hackers-really-steal.html

A new version of HardBit ransomware has emerged with advanced obfuscation techniques to evade analysis efforts and unique extortion tactics. Learn about its evolving threat landscape.

Learn more: https://thehackernews.com/2024/07/new-hardbit-ransomware-40-uses.html

Singapore banks will soon replace OTPs with digital tokens for online banking authentication to combat phishing attacks, as announced by MAS and ABS.

Learn more: https://thehackernews.com/2024/07/singapore-banks-to-phase-out-otps-for.html

This move significantly reduces the risk of credential theft and account hijacking.

⚠️ CRYSTALRAY threat actor has ramped up operations, infecting over 1,500 victims using open-source tools like SSH-Snake.

Learn more: https://thehackernews.com/2024/07/crystalray-hackers-infect-over-1500.html

Experts warn that the attackers are leveraging legitimate tools, making detection challenging.

📢 Upcoming WEBINAR on Building Effective Security Champion Programs.

Learn from industry leaders about creating a culture of collaboration & trust within your development teams.

Reserve your spot to watch this: https://thehacker.news/developer-security-champion

⚠️ Imagine your company's data exposed for $10 or less. That's the reality with infostealer #malware.

This alarming trend jeopardizes everything from bank details to internal credentials.

Learn how to protect your data ⬇️ https://thehackernews.com/2024/07/10000-victims-day-infostealer-garden-of.html

🔥 A leaked GitHub token could have granted admin access to critical repositories of the Python language, PyPI, and the PSF.

This incident could have led to a massive supply chain attack.

Learn more: https://thehackernews.com/2024/07/github-token-leak-exposes-pythons-core.html

🚨 CISA Adds GeoServer Flaw to KEV Catalog!

Critical RCE vulnerability CVE-2024-36401 is actively exploited, affecting all default GeoServer installations.

Read: https://thehackernews.com/2024/07/cisa-warns-of-actively-exploited-rce.html

Your geospatial data & systems are at severe risk of unauthorized access & manipulation.

Kaspersky, Russian cybersecurity giant, to exit U.S. market by July 20, 2024, following Commerce Department ban citing national security risks.

Read details: https://thehackernews.com/2024/07/kaspersky-exits-us-market-following.html

This move impacts thousands of U.S. businesses and individuals using Kaspersky products.

⚡ Alert: Void Banshee is actively exploiting a zero-day flaw in Microsoft MHTML to spread the Atlantida info-stealer.

CVE-2024-38112 threatens sensitive data across numerous platforms.

Learn about the attack chain: https://thehackernews.com/2024/07/void-banshee-apt-exploits-microsoft.html

Iranian state-sponsored hackers MuddyWater shift tactics, deploying new backdoor BugSleep in Middle East cyber attacks, moving away from using legitimate RMM tools.

Learn more: https://thehackernews.com/2024/07/iranian-hackers-deploy-new-bugsleep.html

Experts warn of an evolving threat landscape.

Malicious npm packages "img-aws-s3-object-multipart-copy" and "legacyaws-s3-object-multipart-copy" found with backdoor code; sophisticated attack using image files to conceal malicious code, urging developers to be extra cautious.

https://thehackernews.com/2024/07/malicious-npm-packages-found-using.html