Researchers uncover 25 malicious JavaScript libraries that attackers distributed via the NPM package repository with the aim of stealing Discord tokens and environment variables from compromised systems.

Read details: https://thehackernews.com/2022/02/25-malicious-javascript-libraries.html

⚠️WARNING!

9-year-old UNPATCHED vulnerability has been uncovered in Horde webmail software that can be exploited to gain full access to email accounts simply by previewing attachments.

Details: https://thehackernews.com/2022/02/9-year-old-unpatched-email-hacking-bug.html

🔥 Chinese researchers reveal details of a 'top-tier' backdoor, dubbed "Bvp47," used by the Equation Group, an APT group linked to the U.S. National Security Agency's cyber-warfare intelligence unit.

Read details: https://thehackernews.com/2022/02/chinese-experts-uncover-details-of.html

Researchers discover similarities between the Dridex malware and a little-known ransomware strain called Entropy, suggesting that the operators continue their extortion operations under a different name.

Read details: https://thehackernews.com/2022/02/dridex-malware-deploying-entropy.html

⚡ U.S. and U.K. cybersecurity agencies have issued an urgent warning about a new Russian botnet malware⁠ — dubbed "Cyclops Blink"⁠ — which Sandworm hackers built from hacked firewall and router devices.

Details: https://thehackernews.com/2022/02/us-uk-agencies-warn-of-new-russian.html

U.S. cybersecurity agency CISA is warning companies about two actively exploited vulnerabilities affecting the widely used open-source Zabbix enterprise monitoring platform.

✅ CVE-2022-23131
✅ CVE-2022-23134

Details: https://thehackernews.com/2022/02/cisa-alerts-on-actively-exploited-flaws.html

Deadbolt ransomware malware is now targeting ASUSTOR's network-attached storage (NAS) devices.

Cybercriminals claim to be exploiting a zero-day vulnerability that the company is not aware of.

Read details: https://thehackernews.com/2022/02/warning-deadbolt-ransomware-targeting.html

Researchers share latest findings on TrickBot malware campaign, suggesting that the group is probably switching its operations to move to a new malware.

Read details: https://thehackernews.com/2022/02/trickbot-gang-likely-shifting.html

A set of 4 new vulnerabilities have been discovered in Cisco's NX-OS network operating system for switches that attackers can exploit to take control of affected systems.

https://thehackernews.com/2022/02/new-flaws-discovered-in-ciscos-network.html

Affected organizations are advised to apply latest patches ASAP.

A set of 4 new vulnerabilities have been discovered in Cisco's NX-OS network operating system for switches that attackers can exploit to take control of affected systems.

https://thehackernews.com/2022/02/new-flaws-discovered-in-ciscos-network.html

Affected organizations are advised to apply latest patches ASAP.

Notorious Trickbot malware group has officially shut down its botnet infrastructure after reports of its imminent retirement amid a lull in its activity for almost two months.

Read details: https://thehackernews.com/2022/02/notorious-trickbot-malware-gang-shuts.html

Russian government warns domestic critical infrastructure operators of potential cyberattacks as the country's invasion of Ukraine enters its second day.

Read: https://thehackernews.com/2022/02/putin-warns-russian-critical.html

Researchers discover a new stealth malware, dubbed SockDetour, that operates filelessly and socketlessly on compromised systems and serves as a backup backdoor in case the primary one is removed.

Read details: https://thehackernews.com/2022/02/new-sockdetour-fileless-socketless.html

Government-sponsored hackers are not the only ones targeting the Ukraine with DDoS, malware, and phishing attacks, but cybercriminals have also gotten involved and begun to take sides in the Russia-Ukraine War.

https://thehackernews.com/2022/02/russia-ukraine-war-phishing-malware-and.html

WARNING: A new malware is spreading via some game apps on Microsoft Store and hijacks victims' social media accounts for malicious promotions and click fraud attacks.

Read details — https://thehackernews.com/2022/02/social-media-hijacking-malware.html

Mandiant researchers have identified two new malware — GRAMDOOR and STARWHALE — used by Iranian cyberespionage hackers; one of them uses the Telegram API to remotely control its victims' devices.

Read details: https://thehackernews.com/2022/02/iranian-hackers-using-new-spying.html

Researchers have managed to create a clone of Apple Airtag that bypasses the anti-stalking protection technology built into the Find My Bluetooth-based tracking protocol.

Details: https://thehackernews.com/2022/02/experts-create-apple-airtag-clone-that.html

CISA warns of multiple highly-severity vulnerabilities affecting Schneider Electric's Easergy medium-voltage protection relays and General Electric's Proficy CIMPLICITY SCADA software.

Read: https://thehackernews.com/2022/02/cisa-warns-of-high-severity-flaws-in.html

Researchers detail severe flaws in hardware-backed encryption on nearly 100 million Android-based #Samsung Galaxy S8, S9, S10, S20 and S21 smartphones that could be exploited to extract secret cryptographic keys.

Details: https://thehackernews.com/2022/02/100-million-samsung-galaxy-phones.html

CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities Catalog, including a recently disclosed flaw in Zimbra webmail software.

Read details: https://thehackernews.com/2022/02/cisa-adds-recently-disclosed-zimbra-bug.html