WordPress has pushed a forced automatic update for Ninja Forms, one of the most popular plugins with over a million active installations, to patch a critical vulnerability that researchers say was likely being actively exploited.

https://thehackernews.com/2022/06/over-million-wordpress-sites-forcibly.html

A Chinese hacker group exploited a critical “then-zero-day” vulnerability in Sophos's firewall to infiltrate a company in South Asia.

Read details: https://thehackernews.com/2022/06/chinese-hackers-exploited-sophos.html

Researchers have uncovered an enterprise-grade Android spyware, dubbed 'Hermit,' that is being used by the Kazakh government and entities operating within Syria and Italy to spy on targeted victims.

Details: https://thehackernews.com/2022/06/researchers-uncover-hermit-android.html

Cybercriminals are actively exploiting a recent critical flaw in Atlassian Confluence Server and Data Center products to drop cryptocurrency miners and ransomware payloads.

Read details: https://thehackernews.com/2022/06/atlassian-confluence-flaw-being-used-to.html

U.S. Law Enforcement in collaboration with other countries, took down the infrastructure of a Russian botnet called RSOCKS that used millions of hacked IoT devices, Android smartphones, and computers to act as proxies.

Read: https://thehackernews.com/2022/06/authorities-shut-down-russian-rsocks.html

Researchers have uncovered 15 new vulnerabilities in Siemens' industrial SINEC network management system that can lead to DoS attacks, credential leaks, and remote code execution attacks.

Read: https://thehackernews.com/2022/06/over-dozen-flaws-found-in-siemens.html

Cybercriminals behind BRATA have added more APT capabilities to the Android mobile malware to make their attacks on financial apps even more stealthy.

Read details: https://thehackernews.com/2022/06/brata-android-malware-gains-advanced.html

Google researchers share technical details of a vulnerability (CVE-2022-22620) in Apple Safari that was exploited in-the-wild earlier this year.

It was originally fixed in 2013 & reintroduced in 2016, leaving the flaw open for 5 years.

Read: https://thehackernews.com/2022/06/google-researchers-detail-5-year-old.html

A researcher has uncovered a new kind of NTLM relay attack, dubbed "DFSCoerce," that leverages the Distributed File System (DFS): Namespace Management Protocol (MS-DFSNM) to take control of Windows domains

Details: https://thehackernews.com/2022/06/new-ntlm-relay-attack-lets-attackers.html

Paige Thompson, 36, a former Amazon software engineer, has been found guilty of wire fraud and computer intrusion for her role in stealing the personal information of more than 100 million Capital One customers.

Read: https://thehackernews.com/2022/06/former-amazon-employee-found-guilty-in.html

Researchers uncover a set of 56 vulnerabilities affecting devices from 10 operational technology vendors (OT) — widely used in industries such as oil and gas, chemical, nuclear, power generation and distribution and building automation.

Read: https://thehackernews.com/2022/06/researchers-disclose-56-vulnerabilities.html

ToddyCat, a new APT hacker group, has been observed attacking MS Exchange servers belonging to high-profile organizations in Europe and Asia.

Read details: https://thehackernews.com/2022/06/new-toddycat-hacker-group-on-experts.html

RIG Exploit Kit replaces the Raccoon stealer trojan with Dridex financial malware after one of its developers was killed in the Russian-Ukrainian war.

Read details: https://thehackernews.com/2022/06/rig-exploit-kit-now-infects-victims-pcs.html

Europol dismantled an organized cybercrime group engaged in phishing, fraud, scams, and money laundering activities.

Details: https://thehackernews.com/2022/06/europol-busts-phishing-gang-responsible.html

A newly discovered Magecart attack has been linked to the infrastructure of an ongoing skimming campaign.

Read: https://thehackernews.com/2022/06/newly-discovered-magecart.html

Ukrainian CERT has warned of a new series of Russian cyberattacks exploiting the "Follina" vulnerability in the Windows operating system to deploy password-stealing malware.

Read details: https://thehackernews.com/2022/06/russian-hackers-exploiting-microsoft.html

Researchers demonstrate 5 cryptographic attacks to break the encryption of the cloud storage service "MEGA," allowing compromise of user confidentiality.

https://thehackernews.com/2022/06/researchers-uncover-ways-to-break.html

—RSA Key Recovery
—Plaintext Recovery
—Framing Attack
—Integrity Attack
—GaP-Bleichenbacher Attack

A critical PHP vulnerability leaves QNAP's network attached storage (NAS) devices vulnerable to remote attackers, allowing them to execute malicious code on the affected systems.

Read details: https://thehackernews.com/2022/06/critical-php-vulnerability-exposes-qnap.html

Tropic Trooper Chinese hacker group has been spotted using a new malware coded in the Nim programming language, and distributed hidden inside an "SMS bomber" tool.

Read details: https://thehackernews.com/2022/06/chinese-hackers-distributing-sms-bomber.html

Israeli surveillanceware vendor NSO Group admitted to the European Union lawmakers that its Pegasus spyware tool was used by at least 5 countries in the region.

Read: https://thehackernews.com/2022/06/nso-confirms-pegasus-spyware-used-by-at.html