🚨 Cybersecurity Alert: Mispadu banking trojan targets Latin American countries, compromising legit websites and stealing credentials. Attackers' misconfiguration exposes 8 out of 20 Command & Control Servers, revealing over 90,000 stolen credentials from 17.5K unique websites across all sectors.

Learn more: https://thehackernews.com/2023/03/mispadu-banking-trojan-targets-latin.html

Heads up! dotRunpeX is a new malware injector that distributes various known malware families via phishing emails and malicious Google Ads.

Learn more: https://thehackernews.com/2023/03/new-dotrunpex-malware-delivers-multiple.html

💸 Over $1.6 million in cryptocurrency stolen from hot wallets due to a zero-day security flaw in General Bytes' ATM software.

Learn more: https://thehackernews.com/2023/03/hackers-steal-over-16-million-in-crypto.html

55 zero-day vulnerabilities exploited in 2022, with Microsoft, Google, and Apple software the most targeted!

Though lower than 81 in 2021, still a significant uptick in recent years.

Learn more: https://thehackernews.com/2023/03/from-ransomware-to-cyber-espionage-55.html

⚠️ Beware of ShellBot malware! Weak SSH credentials on #Linux servers are being exploited in a new campaign. ShellBot can perform DDoS attacks & exfiltrate data.

Learn more: https://thehackernews.com/2023/03/new-shellbot-ddos-malware-targeting.html

⚡️ New "Bad Magic" activity cluster targeting gov't, agriculture & transportation orgs in Donetsk, Lugansk & Crimea amid ongoing Russia-Ukraine conflict using a new modular framework, "CommonMagic."

Learn more: https://thehackernews.com/2023/03/new-bad-magic-cyber-threat-disrupt.html

BreachForums has been officially taken down, but the administrator promises "it's not the end."

Learn more: https://thehackernews.com/2023/03/breachforums-administrator-baphomet.html

Speculations arise that law enforcement may have obtained access to the site's configurations and user information.

New malware alert!

REF2924, a threat group targeting entities in South and Southeast Asia, has been spotted deploying NAPLISTENER - an HTTP listener designed to evade network-based detection.

Learn more: https://thehackernews.com/2023/03/new-naplistener-malware-used-by-ref2924.html

🚨 NuGet Repository under attack! New malicious campaign aims to infect DotNET developer systems with cryptocurrency stealer malware.

Learn more: https://thehackernews.com/2023/03/rogue-nuget-packages-infect-net.html

Beware of 13 rogue packages downloaded 160k+ times in the past month.

⚠️ CISA warns of critical flaws in Industrial Control Systems from Keysight, Delta Electronics, Siemens, VISAM, Rockwell Automation, and Hitachi Energy.

Learn more: https://thehackernews.com/2023/03/cisa-alerts-on-critical-security.html

Update your software ASAP to avoid potential security breaches!

💻 Chinese state-sponsored 🕵️‍♂️ threat actors infiltrate Microsoft Exchange servers in new wave of cyber attacks on Middle East telecoms.

Learn more: https://thehackernews.com/2023/03/operation-soft-cell-chinese-hackers.html

Researchers find a custom variant of Mimikatz, called mim221, with new anti-detection features.

🚨 German and South Korean intel agencies warn of Kimsuky cyberattacks targeting Gmail inboxes via malicious browser extensions.

The group has also extended its attacks to Android malware strains such as FastFire, FastSpy, and RambleOn.

Read: https://thehackernews.com/2023/03/german-and-south-korean-agencies-warn.html

🔥 Heads up! New Nexus Android banking trojan is here, targeting 450 financial apps & crypto services.

It can even read 2FA codes from SMS & Google Authenticator by exploiting Android's accessibility services.

Learn more: https://thehackernews.com/2023/03/nexus-new-rising-android-banking-trojan.html

⚠️Chinese nation-state groups are getting better at bypassing security!

Learn more: https://thehackernews.com/2023/03/researchers-uncover-chinese-nation.html

They are now using TONEINS, TONESHELL, and PUBLOAD malware for more effective infiltration, as well as HIUPAN and ACNSHELL for reverse shell.

Don't let third-party app access put your company's data at risk!

Join our upcoming webinar to learn about the potential dangers and get expert insights on how to keep your SaaS apps secure.

Learn from the experts - register today: https://thn.news/risk-of-3rd-party-saas-apps

🐍 Python developers, beware! Malicious package on PyPI uses Unicode to evade detection and deploy info-stealing malware!

📢 Learn more: https://thehackernews.com/2023/03/malicious-python-package-uses-unicode.html

GitHub replaces RSA SSH host key after brief exposure in public repository to prevent any bad actor from impersonating the service or eavesdropping on users' operations over SSH.

Learn more: https://thehackernews.com/2023/03/github-swiftly-replaces-exposed-rsa-ssh.html

OpenAI discloses a Redis bug causing certain ChatGPT users' personal info and chat titles to be exposed.

Learn more: https://thehackernews.com/2023/03/openai-reveals-redis-bug-behind-chatgpt.html

Conor Brian Fitzpatrick, the 20-year-old founder and admin of the now-defunct BreachForums, has been charged in the U.S. with conspiracy to commit access device fraud. If found guilty, he faces up to five years in prison.

Read: https://thehackernews.com/2023/03/20-year-old-breachforums-founder-faces.html

🚨 Microsoft releases out-of-band update for privacy-defeating flaw in Windows 10 & 11 screenshot editing tools!

Learn more: https://thehackernews.com/2023/03/microsoft-issues-patch-for-acropalypse.html

🔒 Dubbed "aCropalypse," the #vulnerability allows malicious actors to recover edited parts of screenshots.