SaaS adoption is skyrocketing, but so are blind spots and third-party risks.

🔎 Visibility is the key to identifying and mitigating these risks. Every layer of your SaaS ecosystem must be accounted for—are you aware of every app in use?

Learn more: https://thehackernews.com/expert-insights/2024/09/how-confident-are-you-that-your.html

🔥 Selenium Grid Targeted for Crypto Mining!

Default no-auth settings make it a prime target for attackers injecting crypto miners and proxyjacking scripts.

Learn more: https://thehackernews.com/2024/09/exposed-selenium-grid-servers-targeted.html

AI’s potential is limitless, but only if we can trust it.

Their unpredictability introduces significant concerns, mainly regarding data security and privacy.

How can developers ensure their AI products are not just innovative, but safe?

Find out in this blog by Sentra’s CTO and Co-Founder, Ron Reiter: https://thn.news/ai-data-privacy-tips

🚨 Alert: Over 1.3M Android TV Boxes Compromised by New 'Vo1d' Malware.

This backdoor installs harmful apps undetected, targeting vulnerable OS versions. Businesses with unmonitored devices may unknowingly be affected

Read: https://thehackernews.com/2024/09/beware-new-vo1d-malware-infects-13.html

⚠️ New threat actor IntelBroker is selling data from Apple, Space-Eyes, & Facebook.

Cato CTRL's investigation reveals how deeply cybercriminals are embedded in hacking forums. If these giants can be compromised, so can anyone.

Read: https://thehackernews.com/2024/09/top-3-threat-report-insights-for-q2-2024.html

GitLab has just released patches for 17 vulnerabilities, including a critical flaw (CVE-2024-6678) with a CVSS score of 9.9/10.

This flaw could allow attackers to execute pipeline jobs as arbitrary users, posing a severe risk to your development environments.

This is the fourth critical flaw GitLab has patched in the past year.

Learn more: https://thehackernews.com/2024/09/urgent-gitlab-patches-critical-flaw.html

Don’t wait for an exploit—apply the update today!

🔐 Researchers have uncovered Ajina.Banker, a new #Android malware that steals financial data and intercepts 2FA via #Telegram.



It spreads through fake apps, targeting users across Central Asia.



Find details here: https://thehackernews.com/2024/09/new-android-malware-ajinabanker-steals.html



Double-check app sources and educate clients on mobile security best practices.

🔒 Just-in-time access in Privileged Identity Management (PIM) faces scrutiny for security gaps. Attackers know how to exploit it, making "just-in-time" feel like "all-the-time" access.

Learn more: https://thehackernews.com/expert-insights/2024/09/privileged-identity-management-pim-for.html

🚨 A new Linux malware, "Hadooken," is exploiting weak credentials and vulnerabilities in Oracle Weblogic to deploy cryptocurrency miners and DDoS botnets.

https://thehackernews.com/2024/09/new-linux-malware-campaign-exploits.html

The malware uses Python and shell scripts to spread laterally, creating a persistent threat.

⚠️ Cybercriminals are exploiting PoC exploits for two critical vulnerabilities (CVE-2024-6670, CVE-2024-6671) in WhatsUp Gold, with attacks starting just 5 hours after the PoC release.

Details here: https://thehackernews.com/2024/09/progress-whatsup-gold-exploited-just.html

Patch your systems NOW to avoid becoming a target!

New TrickMo variant uses advanced evasion to steal credentials & intercept 2FA codes.

It deploys fake login screens, keylogging, & screen recording to target banking users.

https://thehackernews.com/2024/09/trickmo-android-trojan-exploits.html

It also exploits #Android's Accessibility Services for full device control.

A 17-year-old was arrested after launching a #cyberattack on TfL, exposing the sensitive data of thousands.

This isn't an isolated event—groups like Scattered Spider are exploiting cloud infrastructures, especially in finance and insurance.

Read: https://thehackernews.com/2024/09/17-year-old-arrested-in-connection-with.html

Phishing causes over 80% of unauthorized access. Traditional defenses, like MFA, are vulnerable as attackers bypass them. Beyond Identity’s deterministic security eliminates phishable credentials like passwords and OTPs for stronger protection.

https://thehackernews.com/2024/09/say-goodbye-to-phishing-must-haves-to.html

🚨 CVE-2024-40865, aka GAZEploit, is a new #vulnerability in Apple's Vision Pro headset.

It lets attackers infer virtual keyboard inputs by analyzing eye movements, risking #privacy breaches.

Read: https://thehackernews.com/2024/09/apple-vision-pro-vulnerability-exposed.html

🚨 A newly patched security flaw in Ivanti CSA (CVE-2024-8190) is under active exploitation.

This vulnerability could lead to full system compromise, especially since Ivanti CSA 4.6 has reached end-of-life.

Don’t risk your infrastructure—upgrade to CSA 5.0 and ensure you're protected.

Details here: https://thehackernews.com/2024/09/ivanti-warns-of-active-exploitation-of.html

⚠️ Cybersecurity experts have flagged a new phishing method that manipulates HTTP refresh headers to deliver spoofed login pages and steal credentials.

Learn more: https://thehackernews.com/2024/09/cybercriminals-exploit-http-headers-for.html

Apple has voluntarily dismissed its lawsuit against spyware vendor NSO Group, citing concerns over exposing critical threat intelligence.

Learn more: https://thehackernews.com/2024/09/apple-drops-spyware-case-against-nso.html

🚨 A vulnerability called CloudImposer could have enabled attackers to exploit Google Cloud Composer using dependency confusion for remote code execution.

A successful attack would have allowed code execution and exfiltration of sensitive data, threatening cloud environments globally.

Google has patched this issue, but the incident highlights the ongoing risk of supply chain attacks.

Learn more: https://thehackernews.com/2024/09/google-fixes-gcp-composer-flaw-that.html

⚠️ North Korean hackers are using LinkedIn to spread RustDoor malware, posing as crypto recruiters to target professionals.

They trick victims into downloading booby-trapped coding tests, with macOS backdoor.

Read: https://thehackernews.com/2024/09/north-korean-hackers-target.html

🚨 PCI DSS v4 Deadline Approaching – Are You Ready?

PCI DSS v4.0 prioritizes monitoring payment page scripts. Sections 6.4.3 & 11.6.1 require vigilance on script integrity to block malicious injections.

https://thehackernews.com/2024/09/master-your-pci-dss-v4-compliance-with.html

⏳ Don’t wait—enable real-time monitoring now.

SolarWinds just released critical patches for Access Rights Manager (ARM) vulnerabilities, including one rated 9.0/10 for remote code execution (CVE-2024-28991).

Read: https://thehackernews.com/2024/09/solarwinds-issues-patch-for-critical.html

If you're using ARM, patch now to prevent future attacks.