🚨 Alert: Kimsuky, the North Korean APT group, is back in action! They're using a new custom malware called "RandomQuery" to conduct reconnaissance and steal sensitive information.

Read details: https://thehackernews.com/2023/05/north-korean-kimsuky-hackers-strike.html

WINTAPIX: A newly discovered malware, acting as a loader, has been identified in attacks targeting Saudi Arabia, Qatar, and UAE. By exploiting a vulnerable kernel driver, the attacker gains privileged access & executes a multi-stage attack.

https://thehackernews.com/2023/05/new-wintapixsys-malware-engages-in.html

Ukraine's state bodies under cyber attack! CERT-UA warns of an espionage campaign targeting ministries. Hackers, known as UAC-0063, are leveraging phishing emails and malicious tools to infiltrate systems.

Read: https://thehackernews.com/2023/05/cyber-attacks-strike-ukraines-state.html

North Korean Lazarus Group remains relentless in targeting vulnerable Microsoft IIS servers, utilizing DLL side-loading techniques to deploy malicious software in latest espionage operations.

Read details: https://thehackernews.com/2023/05/n-korean-lazarus-group-targets.html

Legion, the Python-based hack tool, evolves with expanded capabilities. Latest version exploits SSH servers and gains access to DynamoDB and CloudWatch credentials associated with AWS.

Read details: https://thehackernews.com/2023/05/legion-malware-upgraded-to-target-ssh.html

🚨 Popular app gone rogue! "iRecorder - Screen Recorder" app sneaks in information stealing capabilities after a year on Play Store.

Read details: https://thehackernews.com/2023/05/data-stealing-malware-discovered-in.html

Google has finally removed it from the Play Store, but the damage may already be done.

Researchers identify a series of watering hole attacks targeting shipping and logistics companies in China.

Read details here: https://thehackernews.com/2023/05/iranian-tortoiseshell-hackers-targeting.html

🔒 Google introduces GUAC Beta 0.1, an open-source framework to secure software supply chains. By combining SBOMs, vulnerability feeds, and internal metadata, organizations gain a holistic view of their risk profile.

Read details: https://thehackernews.com/2023/05/guac-01-beta-googles-breakthrough.html

Iranian threat actor Agrius is using a new ransomware strain called Moneybird (programmed in C++) to target Israeli organizations

Read details: https://thehackernews.com/2023/05/iranian-agrius-hackers-targeting.html

🚨 A China-based state-sponsored group, Volt Typhoon, has stealthily infiltrated critical infrastructure organizations in the U.S. and Guam, remaining undetected until now.

Learn about their advanced tactics: https://thehackernews.com/2023/05/chinas-stealthy-hackers-infiltrate-us.html

Cybercrime group Blacktail is transitioning from using its Buhti ransomware to leaked LockBit and Babuk ransomware versions, expanding its targets to include Windows and Linux systems.

Read details here: https://thehackernews.com/2023/05/buhti-ransomware-gang-switches-tactics.html

🚨 Alert: Portuguese bank users beware! Brazilian hackers are on the prowl, targeting over 30 financial institutions.

Read details: https://thehackernews.com/2023/05/alert-brazilian-hackers-targeting-users.html

⚡ An Iranian threat actor targeted a government entity in the UAE, leveraging a "simple yet effective" backdoor called "PowerExchange" to breach their Microsoft Exchange Servers.

Learn more: https://thehackernews.com/2023/05/new-powerexchange-backdoor-used-in.html

🚨 Critical security flaws exposed! Hackers can execute code on Zyxel's firewall & VPN products. Don't wait, act now!

Read more 👉 https://thehackernews.com/2023/05/zyxel-issues-critical-security-patches.html

New Botnet Alert! Dark Frost strikes the gaming industry with relentless DDoS attacks.

Find out how this powerful #malware is wreaking havoc: https://thehackernews.com/2023/05/dark-frost-botnet-launches-devastating.html

Fortify your cloud app development pipeline with Lee Atchison! Drawing from his 30+ years in the industry, Lee shares comprehensive strategies to mitigate the increasing security risks facing modern application development.

Download this eBook here: https://uptycs.fyi/thn-la-2

🚨 Urgent Alert: Hackers are exploiting a new zero-day vulnerability to breach Barracuda's Email Security Gateway appliances.

Learn more about the remote code injection flaw 👉 https://thehackernews.com/2023/05/barracuda-warns-of-zero-day-exploited.html

⚡ New industrial malware, COSMICENERGY, has been unearthed—a stealthy threat targeting electric transmission operations in Europe, the Middle East, and Asia.

Read details here: https://thehackernews.com/2023/05/new-cosmicenergy-malware-exploits-ics.html

🕵️‍♂️ Beware: Android Spyware 'Predator' Records Your Calls, Steals Messages, and More!

Discover more about its chilling capabilities here: https://thehackernews.com/2023/05/predator-android-spyware-researchers.html

🔐 New security flaw exposed in Google Cloud Platform's Cloud SQL service. Learn how a multi-stage attack chain could have granted unauthorized access to internal data, secrets, and customer information.

Read: https://thehackernews.com/2023/05/severe-flaw-in-google-clouds-cloud-sql.html