A high-severity code injection #vulnerability (CVE-2021-38305) has been discovered in 23andMe's Yamale, a schema and validator for YAML used by at least 224 repositories on GitHub.

Read: https://thehackernews.com/2021/10/code-execution-bug-affects-yamale.html

A new urgent Apache patch update has been released for the actively exploited Path Traversal issue (CVE-2021-41773), which has now been identified as a critical remote code execution #vulnerability.

Details: https://thehackernews.com/2021/10/new-patch-released-for-actively.html

Researchers have detailed a new campaign targeting entities in Southeast Asia using FontOnLake, a previously unknown Linux rootkit malware that allows its operators remote access, collects credentials, and acts as a proxy server.

https://thehackernews.com/2021/10/researchers-warn-of-fontonlake-rootkit.html

Russian-language ransomware attack group FIN12 is increasingly targeting healthcare organizations.

Read details: https://thehackernews.com/2021/10/ransomware-group-fin12-aggressively.html

A prominent Togolese human rights defender has been targeted by a threat actor known for striking victims in South Asia with mobile spyware developed in India.

Read details: https://thehackernews.com/2021/10/indian-made-mobile-spyware-targeted.html

Apple has released urgent iOS 15.0.2 and iPadOS 15.0.2 updates to address a new critical 0-day vulnerability (CVE-2021-30883) that is being actively exploited in the wild.

Read details: https://thehackernews.com/2021/10/apple-releases-urgent-iphone-and-ipad.html

Ukrainian authorities arrest a hacker responsible for creating and managing a "powerful botnet" consisting of over 100,000 enslaved devices used for DDoS and spam attacks on behalf of paying customers.

Read details: https://thehackernews.com/2021/10/ukraine-arrests-operator-of-ddos-botnet.html

An Iran-linked hacking group has been conducting extensive password-spraying attacks on more than 250 Office 365 tenants, targeting the US, Israeli defense firms.

https://thehackernews.com/2021/10/microsoft-warns-of-iran-linked-hackers.html

According to Microsoft, nearly 20 of the targeted tenants were compromised successfully.

Microsoft Azure's cloud platform was hit by a record 2.4 Tbps DDoS attack targeting an unnamed customer in Europe.

Read details: https://thehackernews.com/2021/10/microsoft-fended-off-record-24-tbps.html

GitHub has revoked weak SSH authentication keys generated via the popular GitKraken git GUI client due to a vulnerability in a third-party library that increased the chance of duplicating SSH keys.

Read: https://thehackernews.com/2021/10/github-revoked-insecure-ssh-keys.html

Multiple vulnerabilities have been discovered in LibreOffice and OpenOffice that could be exploited by malicious actors to modify documents to make them appear to be digitally signed by a trusted source.

Details: https://thehackernews.com/2021/10/digital-signature-spoofing-flaws.html

// Microsoft Patch Tuesday
// October 2021 Edition

Update your Windows PCs right away to patch 4 new 0-day vulnerabilities that are currently being exploited in the wild.

Read details: https://thehackernews.com/2021/10/update-your-windows-pcs-immediately-to.html

A critical vulnerability in OpenSea, the world's largest non-fungible token (NFT) marketplace, could have allowed hackers to drain cryptocurrency funds from users' wallets.

Read: https://thehackernews.com/2021/10/critical-flaw-in-opensea-could-have-let.html

Researchers have identified a large number of endpoints associated with the Prometheus event monitoring solution, deployed at originations, that are publicly accessible, allowing unauthenticated users to access sensitive information.

https://thehackernews.com/2021/10/experts-warn-of-unprotected-prometheus.html

After a thorough examination of 80 million samples, Google's VirusTotal releases its first "Ransomware Activity Report," which provides a comprehensive snapshot of ransomware attacks.

Read: https://thehackernews.com/2021/10/virustotal-releases-ransomware-report.html

Multiple security vulnerabilities have been disclosed in softphone software from Linphone and MicroSIP that could be exploited by unauthenticated remote attackers.

Read details: https://thehackernews.com/2021/10/critical-remote-hacking-flaws-disclosed.html

Google's TAG team is tracking 270 government-backed hacker groups from more than 50 countries.

Read: https://thehackernews.com/2021/10/google-were-tracking-270-state.html

United States Cybersecurity Infrastructure and Security Agency (CISA) has issued a warning about cyber threats aimed against wastewater and water systems.

Read Details: https://thehackernews.com/2021/10/cisa-issues-warning-on-cyber-threats.html

AllBlock ad-blocking plugin for Chrome and Opera browsers caught injecting advertisements into Google search results pages.

Read: https://thehackernews.com/2021/10/ad-blocking-chrome-extension-caught.html

Hackers behind Trickbot are expanding the distribution channels for malware.

Read: https://thehackernews.com/2021/10/attackers-behind-trickbot-expanding.html