Microsoft exposes the way Chinese hackers hide Tarrask malware on Windows machines in order to avoid detection.

Read details: https://thehackernews.com/2022/04/microsoft-exposes-evasive-chinese.html

A week after VMware released patches to fix 8 vulnerabilities in VMware Workspace ONE Access, threat actors have begun actively exploiting one of the critical vulnerabilities (CVE-2022-22954) in the wild.

Details: https://thehackernews.com/2022/04/vmware-releases-patches-for-critical.html

U.S. cybersecurity and federal agencies have issued a joint warning against APT hackers who are continually targeting critical infrastructure with specially designed malware that can scan, compromise, and control certain ICS/SCADA devices.

https://thehackernews.com/2022/04/us-warns-of-apt-hackers-targeting.html

Microsoft and a consortium of cybersecurity companies took legal and technical steps to disrupt the ZLoader cybercrime botnet.

Read details: https://thehackernews.com/2022/04/microsoft-disrupts-zloader-cybercrime.html

Keksec's new EnemyBot DDoS botnet borrows features and exploit code from Mirai and Gafgyt malware.

Read details: https://thehackernews.com/2022/04/new-enemybot-ddos-botnet-borrows.html

Cybersecurity researchers have disclosed a security flaw in the Rarible non-fungible token (NFT) marketplace that could have allowed attackers to takeover cryptocurrency wallets.

Read: https://thehackernews.com/2022/04/rarible-nft-marketplace-flaw-couldve.html

Former Ethereum developer Virgil Griffith has been sentenced to 5 years and 3 months in prison and fined $100,000 for helping NorthKorea evade sanctions.

Read details: https://thehackernews.com/2022/04/ethereum-developer-jailed-63-months-for.html

⚡An urgent update for Google Chrome browser has been released to patch a new zero-day security vulnerability (CVE-2022-1364) that is being actively exploited by hackers.

Read details: https://thehackernews.com/2022/04/google-releases-urgent-chrome-update-to.html

A highly-critical vulnerability (CVE-2022-22966) has been discovered in VMWare Cloud Director that can be exploited for RCE attacks, allowing attackers to gain access to sensitive data & take over private clouds within an entire infrastructure.

https://thehackernews.com/2022/04/critical-vmware-cloud-director-bug.html

Haskers gang has released a new information stealing malware called ZingoStealer for free to other cybercriminals so that they can use the tool for nefarious purposes.

Read details: https://thehackernews.com/2022/04/haskers-gang-gives-away-zingostealer.html

Researchers publish details of 5 new vulnerabilities, dubbed JekyllBot:5, that affect Aethon Tug hospital robots and could allow attackers to intercept medication and lab samples and control the devices.

Read: https://thehackernews.com/2022/04/new-jekyllbot5-flaws-let-attackers-take.html

⚠️GitHub finds that hackers abused stolen OAuth access tokens issued to 2 third-party OAuth integrators, Heroku and Travis-CI, to unauthorizedly download private data from several organizations.

Details: https://thehackernews.com/2022/04/github-says-hackers-breach-dozens-of.html

U.S. authorities report that NorthKorean Lazarus hackers were responsible for the $540 million Axie Infinity crypto hack, while Symantec researchers warn that the group is now targeting chemical companies in an ongoing cyberespionage campaign.

https://thehackernews.com/2022/04/lazarus-hackers-behind-540-million-axie.html

A critical RCE vulnerability has been reported in the WordPress plugin Elementor Website Builder, with over five million active installations, which could allow attackers to take over unpatched websites.

Details: https://thehackernews.com/2022/04/critical-rce-flaw-reported-in-wordpress.html

Ukraine government has warned of a new wave of hacking campaigns that spread IcedID malware and exploit Zimbra exploits to steal sensitive information.

Details: https://thehackernews.com/2022/04/new-hacking-campaign-targeting.html

Cybersecurity researchers have uncovered a new version of the SolarMarker malware that packs in new enhancements to improve its ability to evade defenses and stay under the radar.

Read details: https://thehackernews.com/2022/04/new-solarmarker-malware-variant-using.html

Researchers provide a detailed technical analysis of the PYSA ransomware group primarily striking government, healthcare, and education sectors.

Read details: https://thehackernews.com/2022/04/researchers-share-in-depth-analysis-of.html

Github's security team has notified users/organizations whose private data was downloaded with stolen OAuth user tokens issued to two third-party OAuth integrators, Heroku and Travis-CI.

Details: https://thehackernews.com/2022/04/github-notifies-victims-whose-private.html

U.S. government has issued a new warning about North Korean state-sponsored hackers targeting blockchain companies, including cryptocurrency exchanges, DeFi protocols, trading firms, venture capital funds, and individuals holding NFTs.

Read: https://thehackernews.com/2022/04/fbi-us-treasury-and-cisa-warns-of-north.html

A previously unknown zero-click exploit for Apple's iMessage was used to install spyware from NSO Group and Candiru on 65 people as part of a "multi-year clandestine operation."

Read details: https://thehackernews.com/2022/04/experts-uncover-spyware-attacks-against.html