The FBI and CISA are warning about active exploitation of a recently disclosed critical RCE #vulnerability in Zoho's ManageEngine ServiceDesk Plus in order to deploy web shells and perform a variety of malicious activities.

Details: https://thehackernews.com/2021/12/cisa-warns-of-actively-exploited.html

⚡A new Linux malware infection has been discovered that steals payment data from e-commerce websites and hides in a legitimate NGINX process on the compromised servers.

Read details: https://thehackernews.com/2021/12/new-payment-data-sealing-malware-hides.html

A new group of hackers known as "Magnat" is using malvertising campaigns to spread new malware families with information stealers, backdoors, and malicious Google Chrome extensions.

Read details: https://thehackernews.com/2021/12/new-malvertising-campaigns-spreading.html

Researchers uncover new strategies and tools used by Pakistani SideCopy APT hackers to target the Indian and Afghan governments.

Read details: https://thehackernews.com/2021/12/researchers-detail-how-pakistani.html

Zoho is warning its customers about another critical authentication bypass vulnerability (CVE-2021-44515) that is being actively exploited and affects ManageEngine Desktop Central MSP software.

Read details: https://thehackernews.com/2021/12/warning-yet-another-zoho-manageengine.html

XS -Leaks!!!

14 new types of cross-site data leakage attacks have been discovered against a number of modern web browsers, including Tor Browser, Mozilla Firefox, Google Chrome, Microsoft Edge, Apple Safari and Opera.

Read details: https://thehackernews.com/2021/12/14-new-xs-leaks-cross-site-leaks.html

Hackers stole more than $180 million worth of cryptocurrency tokens from Bitmart Exchange using compromised privacy keys.

Details: https://thehackernews.com/2021/12/hackers-steal-200-million-worth-of.html

Researchers warn of malicious KMSPico Windows Activators circulating the internet and aiming to steal cryptocurrency wallet credentials.

Read details: https://thehackernews.com/2021/12/malicious-kmspico-windows-activator.html

Latest Firefox 95 version includes a new sandboxing technology called RLBox that protects the browser from untrusted code and other security vulnerabilities.

Details: https://thehackernews.com/2021/12/latest-firefox-95-includes-rlbox.html

With the help of a court order, Microsoft has successfully seized 42 domain names used by a Chinese hacking group to launch cyberespionage attacks against organizations in the US and 28 other countries.

Read details: https://thehackernews.com/2021/12/microsoft-seizes-42-malicious-web.html

The Russian hacking group that attacked SolarWinds last year is targeting businesses and government entities worldwide.

Read details: https://thehackernews.com/2021/12/solarwinds-hackers-targeting-government.html

A number of vulnerabilities reported in Eltima SDK made several Cloud services vulnerable to privilege escalation attacks.

Read: https://thehackernews.com/2021/12/eltima-sdk-contain-multiple.html

QNAP has released a new advisory warning its customers about a new cryptocurrency mining malware targeting NAS devices and advising them to take preventative measures as soon as possible.

Read details — https://thehackernews.com/2021/12/warning-yet-another-bitcoin-mining.html

Trickbot botnet infected over 140,000 computers worldwide within months of helping the Emotet malware get back into action.

Read details: https://thehackernews.com/2021/12/140000-reasons-why-emotet-is.html

Google disrupts a sophisticated blockchain-based botnet — dubbed Glupteba — that affected more than 1 MILLION computers around the world, and sues two Russian hackers believed to be behind the attack.

Read details: https://thehackernews.com/2021/12/google-disrupts-blockchain-based.html

SonicWall urges customers to immediately patch/update their SMA 100 series appliances to the latest version in order to prevent exploitation of newly discovered multiple critical & high-severity security vulnerabilities.

Details: https://thehackernews.com/2021/12/sonicwall-urges-customers-to.html

A number of malicious NPM javascript packages in the open-source repository have been caught hijacking Discord servers.

Read: https://thehackernews.com/2021/12/over-dozen-malicious-npm-packages.html

Researchers have discovered at least 300,000 IP addresses associated with vulnerable MikroTik network devices that can be hacked remotely using previously known critical vulnerabilities.

Read details: https://thehackernews.com/2021/12/over-300000-mikrotik-devices-found.html

Russian government has blocked Tor privacy service as part of its latest move towards censorship.

Read details: https://thehackernews.com/2021/12/russia-blocks-tor-privacy-service-in.html

ALERT! In a massive ongoing cyber attack, nearly 1.6 million WordPress websites were hit with 13.7 million malicious requests from over 16,000 different IP addresses.

Read details: https://thehackernews.com/2021/12/16-million-wordpress-sites-under.html