📣 CISA BOD 25-01 is here.

This latest directive outlines requirements to ensure that Microsoft 365 cloud environments and SaaS applications are safe and secure.

Get prepared to meet those essential compliance deadlines.

🔗 Learn how federal civilian agencies can ensure SCuBA policy alignment: https://thn.news/o8o8sp2s

⚡ Cloudflare’s latest report reveals the largest DDoS attack ever recorded — 5.6 Terabits per second!

⤷ Originated from over 13,000 IoT devices
⤷ The attack targeted an ISP in Eastern Asia

👉 Learn more: https://thehackernews.com/2025/01/mirai-botnet-launches-record-56-tbps.html

⚠️ Oracle has released its Critical Patch Update for January 2025, addressing a massive 318 security vulnerabilities across its products.

The most severe flaw could give attackers full control over affected systems.

Read the full update: https://thehackernews.com/2025/01/oracle-releases-january-2025-patch-to.html

🚨 Alert: A previously unknown China-linked APT group, PlushDaemon, has been linked to a 2023 supply chain attack targeting a South Korean VPN provider.

From screen recording to browser password harvesting – this backdoor does it all.

Read more: https://thehackernews.com/2025/01/plushdaemon-apt-targets-south-korean.html

🤔 65% of security teams rely solely on pentest vendors for their reports. What happens when you can’t verify those reports?

⤷ HackGATE fixes this by offering real-time visibility into pentest activities.
⤷ Gain deeper insight into every test phase, ensuring quality and accountability.

Don’t just trust the report—verify it!

⚡ See how HackGATE can help: https://thehackernews.com/2025/01/hackgate-setting-new-standards-for.html

⚖️ U.S. President Trump pardons Ross Ulbricht, creator of the Silk Road darkweb marketplace, after 11 years behind bars.

Ulbricht’s life sentence for trafficking and hacking is now officially void.

👉 Read the full article: https://thehackernews.com/2025/01/president-trump-pardons-silk-road.html

🇰🇵 North Korean malware #InvisibleFerret uses fake tech job interviews

It's target: corporate info, crypto data, source code 🎯

Read comprehensive technical analysis of this threat from @AnyRun_app
https://thn.news/invisibleferret-tech-analysis

🔐 New FREE Risk Assessment for Security Teams!

As GenAI and SaaS apps become essential, your organization’s security risks are growing. Employees' browser behavior could be leaking sensitive data.

🔍 Gain actionable insights and uncover hidden risks with this customized risk assessment: https://thehackernews.com/2025/01/discover-hidden-browsing-threats-free.html

🛑 Zero-Day Exploit in Cambium Routers!

Threat actors are exploiting this flaw to deploy the AIRASHI botnet, carrying out powerful DDoS attacks of up to 3 Tbps.

Take action to secure your IoT devices before it’s too late.

Learn more here: https://thehackernews.com/2025/01/hackers-exploit-zero-day-in-cnpilot.html

🔥 The Trump administration has just terminated all DHS advisory committee memberships, including the key Cyber Safety Review Board (CSRB).

CSRB's past work included:
⤷ Reporting on Log4Shell and LAPSUS$ intrusions
⤷ Holding tech firms accountable for cybersecurity lapses
⤷ Investigating Salt Typhoon, a Chinese hacking group targeting U.S. telecoms

Read → https://thehackernews.com/2025/01/trump-terminates-dhs-advisory-committee.html

🔒 Google uncovers "TRIPLESTRENGTH," a financially motivated hacker group targeting cloud environments for cryptojacking and ransomware.

Their extensive reach includes Google Cloud, AWS, and Microsoft Azure.

👉 Read the full report: https://thehackernews.com/2025/01/triplestrength-targets-cloud-platforms.html

🚨 Critical Cisco Flaw Exposes Admin Access!

A new vulnerability in Cisco Meeting Management (CVE-2025-20156) could allow attackers to gain full administrator control. 🔐

Also, CISA and FBI issue a warning on Ivanti exploit chains—targeting government and private sector networks.

Learn more: https://thehackernews.com/2025/01/cisco-fixes-critical-privilege.html

⚠️ A new BackConnect (BC) malware linked to QakBot is out, and it's evolving FAST.

Both QakBot and Black Basta are using this shared tool to ramp up their attacks, affecting thousands.

Find out: https://thehackernews.com/2025/01/qakbot-linked-bc-malware-adds-enhanced.html

🔎 Is your website tracking users more than necessary?

🚨 45% of third-party apps on websites access sensitive user data unnecessarily.

Take steps to secure your site—get actionable tips in the full report: https://thehackernews.com/2025/01/new-research-state-of-web-exposure-2025.html

👉 50-80% of enterprise breaches are due to credential & user-based attacks.

Legacy authentication methods are outdated and vulnerable, but cutting-edge authentication systems are now making attacks impossible.

Learn how to upgrade your security today: https://thehackernews.com/2025/01/eliminate-identity-based-threats.html

Did you know security teams can now enforce MFA on user accounts directly in their web browser — even for apps that don’t allow mandatory MFA enforcement?

With Push Security, spend less time chasing users to configure MFA or trying to manually enforce it across hundreds of apps.

https://thn.news/mfa-enforce-other

🔒 HellCat & Morpheus Ransomware Sharing Identical Code!

Cybercriminals are using the same payload for attacks—just with victim-specific tweaks. Smaller, more agile groups like these may dominate the threat landscape moving forward.

👉 Read analysis: https://thehackernews.com/2025/01/experts-find-shared-codebase-linking.html

🔴 A new malware campaign is exploiting fake CAPTCHA verifications to spread Lumma Stealer, affecting global organizations.

Targets are being tricked into downloading malware outside of the browser context.

Read the full report: https://thehackernews.com/2025/01/beware-fake-captcha-campaign-spreads.html

⚠️ URGENT: Security Flaws Found in Palo Alto Networks Firewalls

⤷ BootHole CVE-2020-10713: Secure Boot bypass
⤷ LogoFAIL & PixieFail: Code execution via firmware & network stack vulnerabilities
⤷ Misconfigured SPI flash access in PA-415

👉 Read: https://thehackernews.com/2025/01/palo-alto-firewalls-found-vulnerable-to.html

🕵️‍♂️ J-magic Campaign </>

A New Breed of Malware – Attackers are using "magic packets" to remotely control Juniper routers and deploying a variant of the publicly available backdoor "cd00r" into enterprise networks.

Find out more: https://thehackernews.com/2025/01/custom-backdoor-exploiting-magic-packet.html

🚨 Urgent Alert: CVE-2020-11023 is back in the spotlight!

CISA adds this jQuery flaw to its Known Exploited Vulnerabilities list after active exploitation was detected.

Learn more: https://thehackernews.com/2025/01/cisa-adds-five-year-old-jquery-xss-flaw.html

Review your jQuery versions and update immediately.