Rackspace confirmed that the Play ransomware gang was responsible for last month's breach. The attack used a zero-day exploit related to CVE-2022-41080 to gain initial access to the company's email environment.

Read: https://thehackernews.com/2023/01/rackspace-confirms-play-ransomware-gang.html

Notorious banking malware Dridex has reportedly adapted to attack Apple's macOS operating system with a new, previously unseen infection method.

Read: https://thehackernews.com/2023/01/dridex-malware-now-attacking-macos.html

Russian cyberespionage group Turla has been using decade-old ANDROMEDA malware's attack infrastructure to deliver its own custom reconnaissance and backdoor (KOPILUWAK and QUIETCANARY) tools to Ukraine.

Read details: https://thehackernews.com/2023/01/russian-turla-hackers-hijack-decade-old.html

Heads up! Malicious Visual Studio code extensions are being distributed by hackers to launch supply chain attacks against software developers.

Read: https://thehackernews.com/2023/01/hackers-distributing-malicious-visual.html

Stay alert, developers!

6 new malicious Python packages distributed via PyPI deploying info stealers and use Cloudflare tunnels to sneak through firewalls.

Read: https://thehackernews.com/2023/01/malicious-pypi-packages-using.html

Academics reveal new Text-to-SQL model attacks that could potentially let attackers break into sensitive databases or launch DoS attacks.

Read details: https://thehackernews.com/2023/01/new-study-uncovers-text-to-sql-model.html

Alert! Kinsing cryptojacking attacks are targeting Kubernetes clusters through misconfigured PostgreSQL. Secure your systems before it's too late.

Read: https://thehackernews.com/2023/01/kinsing-cryptojacking-hits-kubernetes.html

🔥 Attention all open-source developers: If you're using "jsonwebtoken" library in your projects, you need to take urgent action.

A high-severity security flaw [ CVE-2022-23529] has been discovered, leading to RCE attacks: https://thehackernews.com/2023/01/critical-security-flaw-found-in.html

A new analysis of popular encrypted messaging app Threema reveals potential weaknesses in its cryptographic protocols, leaving users' private keys vulnerable.

https://thehackernews.com/2023/01/expert-analysis-reveals-cryptographic.html

In response, Threema has released a new communication protocol called Ibex.

StrongPity APT group targeting Android users with a Trojanized Telegram app distributed through a fake video chat service website.

Read: https://thehackernews.com/2023/01/strongpity-hackers-distribute.html

Stay vigilant - a new phishing campaign targeting Italy has been observed, deploying an information stealer on compromised #Windows systems.

Read: https://thehackernews.com/2023/01/italian-users-warned-of-malware-attack.html

Researchers have uncovered details of an ongoing hacking campaign by the APT hacker group Dark Pink, targeting military and government organizations in the APAC region.

Read: https://thehackernews.com/2023/01/dark-pink-apt-group-targets-governments.html

🔥 Attention, It's Patch Tuesday! Make sure to update your systems and software ASAP with the latest security patches from:

✅ Microsoft
✅ Adobe
✅ Google
✅ Intel
✅ HP
✅ Linux: Debian, Ubuntu,...
✅ SAP
... and more.

Read details: https://thehackernews.com/2023/01/microsoft-issues-january-2023-patch.html

A new wave of Gootkit malware loader attacks has targeted the Australian healthcare sector by leveraging legitimate tools like VLC Media Player.

Read: https://thehackernews.com/2023/01/australian-healthcare-sector-targeted.html

A new analysis reveals that Raspberry Robin's attack infrastructure can be repurposed by other threat actors for their own malicious activities, making it an even greater threat to watch out for.

Read: https://thehackernews.com/2023/01/new-analysis-reveals-raspberry-robin.html

Linux sysadmins, beware!

Hackers are exploiting a critical RCE vulnerability in Control Web Panel (CWP) to gain elevated privileges on web servers.

Read: https://thehackernews.com/2023/01/alert-hackers-actively-exploiting.html

Patch your servers ASAP!

Twitter denies reports of a data breach of 200 million users and says there is "no evidence" that the user data sold online was obtained by exploiting vulnerabilities in its systems.

Read: https://thehackernews.com/2023/01/twitter-denies-hacking-claims-assures.html

Researchers have uncovered details of a vulnerability in Google Chrome and Chromium-based browsers that could have potentially enabled hackers to steal sensitive information.

Read: https://thehackernews.com/2023/01/experts-detail-chromium-browser.html

Security researchers have uncovered multiple vulnerabilities in Siemens SIMATIC and SIPLUS S7-1500 PLCs. Attackers could exploit these flaws to stealthily install firmware and take control of the devices.

Read: https://thehackernews.com/2023/01/over-100-siemens-plc-models-found.html

Beware of IcedID malware - it's using attack techniques borrowed from other hackers to quickly compromise Active Directory domains.

Read: https://thehackernews.com/2023/01/icedid-malware-strikes-again-active.html