Chinese nation-state groups are getting better at bypassing security!
Learn more: https://thehackernews.com/2023/03/researchers-uncover-chinese-nation.html
They are now using TONEINS, TONESHELL, and PUBLOAD malware for more effective infiltration, as well as HIUPAN and ACNSHELL for reverse shell.
Don't let third-party app access put your company's data at risk!
Join our upcoming webinar to learn about the potential dangers and get expert insights on how to keep your SaaS apps secure.
Learn from the experts - register today: https://thn.news/risk-of-3rd-party-saas-apps
Webinar: Inside the High Risk of 3rd-Party SaaS Apps
Don't be a victim of 3rd-Party SaaS App breaches - Learn how to protect your business!
Python developers, beware! Malicious package on PyPI uses Unicode to evade detection and deploy info-stealing malware!
Learn more: https://thehackernews.com/2023/03/malicious-python-package-uses-unicode.html
GitHub replaces RSA SSH host key after brief exposure in public repository to prevent any bad actor from impersonating the service or eavesdropping on users' operations over SSH.
Learn more: https://thehackernews.com/2023/03/github-swiftly-replaces-exposed-rsa-ssh.html
OpenAI discloses a Redis bug causing certain ChatGPT users' personal info and chat titles to be exposed.
Learn more: https://thehackernews.com/2023/03/openai-reveals-redis-bug-behind-chatgpt.html
Conor Brian Fitzpatrick, the 20-year-old founder and admin of the now-defunct BreachForums, has been charged in the U.S. with conspiracy to commit access device fraud. If found guilty, he faces up to five years in prison.
Read: https://thehackernews.com/2023/03/20-year-old-breachforums-founder-faces.html
Microsoft releases out-of-band update for privacy-defeating flaw in Windows 10 & 11 screenshot editing tools!
Learn more: https://thehackernews.com/2023/03/microsoft-issues-patch-for-acropalypse.html
Dubbed "aCropalypse," the #vulnerability allows malicious actors to recover edited parts of screenshots.
MacOS Alert! MacStealer targeting Apple devices running macOS Catalina & later, M1/M2 CPUs.
The malware uses Telegram for C&C, stealing documents, browser cookies, iCloud keychain, passwords & credit card info.
Learn more: https://thehackernews.com/2023/03/new-macstealer-macos-malware-steals.html
Heads up, iPhone and iPad users! Apple has backported fixes for an actively exploited vulnerability (CVE-2023-23529) to older models.
Details: https://thehackernews.com/2023/03/apple-issues-urgent-security-update-for.html
Make sure to update to iOS 15.7.4 and iPadOS 15.7.4 ASAP to stay protected.
U.S. President Joe Biden signs an executive order restricting the use of commercial spyware by federal government agencies, citing security and counterintelligence risks.
Learn more: https://thehackernews.com/2023/03/president-biden-signs-executive-order.html
New phishing campaign targets European entities using Remcos RAT & Formbook via DBatLoader malware!
Read: https://thehackernews.com/2023/03/stealthy-dbatloader-malware-loader.html
DBatLoader exploits multi-layered obfuscated HTML & OneNote attachments, and leverages image steganography to evade detection engines.
New IcedID Lite and Forked malware variants discovered!
Threat actors pivot away from banking fraud functionality to focus on payload delivery, including #ransomware.
Learn more: https://thehackernews.com/2023/03/icedid-malware-shifts-focus-from.html
APT group SideCopy, known for targeting India & Afghanistan government agencies, has launched a new phishing campaign delivering Action RAT and AuTo Stealer.
Learn more: https://thehackernews.com/2023/03/pakistan-origin-sidecopy-linked-to-new.html
Microsoft unveils Security Copilot in preview! Powered by OpenAI's GPT-4, it offers end-to-end defense at machine speed and scale.
Details here: https://thehackernews.com/2023/03/microsoft-introduces-gpt-4-ai-powered.html
APT43, a moderately-sophisticated cyber operator that supports North Korea's regime, engages in financially-motivated cybercrime to fund its operations.
Learn more: https://thehackernews.com/2023/03/north-korean-apt43-group-uses.html
New Chinese-linked #malware, Mélofée, threatens Linux servers!
Uncovered by ExaTrack, it enables remote control over servers and hides itself using kernel-mode rootkits.
Learn more: https://thehackernews.com/2023/03/melofee-researchers-uncover-new-linux.html
Google's TAG reveals commercial spyware vendors exploited zero-day vulnerabilities on Android & iOS devices last year.
Learn more: https://thehackernews.com/2023/03/spyware-vendors-caught-exploiting-zero.html
These highly targeted campaigns put dissidents, journalists, & human rights workers at risk.
Beware of Trojanized TOR installers targeting Russia & Eastern Europe with clipper malware designed to steal cryptocurrencies.
Learn more: https://thehackernews.com/2023/03/trojanized-tor-browser-installers.html
Active supply chain attack targets popular voice and video conferencing software 3CX Desktop App, affecting hundreds of well-known brands and millions of users.
A multi-stage attack chain has been identified, beginning with a trojanized app and leading to a 3rd stage infostealer DLL, capable of targeting Google Chrome, Microsoft Edge, Brave, and Mozilla Firefox browsers.
Learn more: https://thehackernews.com/2023/03/3cx-desktop-app-targeted-in-supply.html
New cybersecurity threat! AlienFox, a highly modular & constantly evolving toolset distributed on Telegram, enables attackers to harvest API keys & secrets from popular cloud service providers like AWS, Google Workspace, and Microsoft 365.
Learn more: https://thehackernews.com/2023/03/alienfox-malware-targets-api-keys-and.html