Researchers identify a series of watering hole attacks targeting shipping and logistics companies in China.

Read details here: https://thehackernews.com/2023/05/iranian-tortoiseshell-hackers-targeting.html

🔒 Google introduces GUAC Beta 0.1, an open-source framework to secure software supply chains. By combining SBOMs, vulnerability feeds, and internal metadata, organizations gain a holistic view of their risk profile.

Read details: https://thehackernews.com/2023/05/guac-01-beta-googles-breakthrough.html

Iranian threat actor Agrius is using a new ransomware strain called Moneybird (programmed in C++) to target Israeli organizations

Read details: https://thehackernews.com/2023/05/iranian-agrius-hackers-targeting.html

🚨 A China-based state-sponsored group, Volt Typhoon, has stealthily infiltrated critical infrastructure organizations in the U.S. and Guam, remaining undetected until now.

Learn about their advanced tactics: https://thehackernews.com/2023/05/chinas-stealthy-hackers-infiltrate-us.html

Cybercrime group Blacktail is transitioning from using its Buhti ransomware to leaked LockBit and Babuk ransomware versions, expanding its targets to include Windows and Linux systems.

Read details here: https://thehackernews.com/2023/05/buhti-ransomware-gang-switches-tactics.html

🚨 Alert: Portuguese bank users beware! Brazilian hackers are on the prowl, targeting over 30 financial institutions.

Read details: https://thehackernews.com/2023/05/alert-brazilian-hackers-targeting-users.html

⚡ An Iranian threat actor targeted a government entity in the UAE, leveraging a "simple yet effective" backdoor called "PowerExchange" to breach their Microsoft Exchange Servers.

Learn more: https://thehackernews.com/2023/05/new-powerexchange-backdoor-used-in.html

🚨 Critical security flaws exposed! Hackers can execute code on Zyxel's firewall & VPN products. Don't wait, act now!

Read more 👉 https://thehackernews.com/2023/05/zyxel-issues-critical-security-patches.html

New Botnet Alert! Dark Frost strikes the gaming industry with relentless DDoS attacks.

Find out how this powerful #malware is wreaking havoc: https://thehackernews.com/2023/05/dark-frost-botnet-launches-devastating.html

Fortify your cloud app development pipeline with Lee Atchison! Drawing from his 30+ years in the industry, Lee shares comprehensive strategies to mitigate the increasing security risks facing modern application development.

Download this eBook here: https://uptycs.fyi/thn-la-2

🚨 Urgent Alert: Hackers are exploiting a new zero-day vulnerability to breach Barracuda's Email Security Gateway appliances.

Learn more about the remote code injection flaw 👉 https://thehackernews.com/2023/05/barracuda-warns-of-zero-day-exploited.html

⚡ New industrial malware, COSMICENERGY, has been unearthed—a stealthy threat targeting electric transmission operations in Europe, the Middle East, and Asia.

Read details here: https://thehackernews.com/2023/05/new-cosmicenergy-malware-exploits-ics.html

🕵️‍♂️ Beware: Android Spyware 'Predator' Records Your Calls, Steals Messages, and More!

Discover more about its chilling capabilities here: https://thehackernews.com/2023/05/predator-android-spyware-researchers.html

🔐 New security flaw exposed in Google Cloud Platform's Cloud SQL service. Learn how a multi-stage attack chain could have granted unauthorized access to internal data, secrets, and customer information.

Read: https://thehackernews.com/2023/05/severe-flaw-in-google-clouds-cloud-sql.html

🚨 A critical vulnerability in Expo's OAuth implementation 🔐 puts user accounts at risk of hijacking and data theft on popular platforms.

Read this story here: https://thehackernews.com/2023/05/critical-oauth-vulnerability-in-expo.html

📢 Attention, Internet Users! Beware of the relentless Bandit Stealer info-stealer malware, wreaking havoc on web browsers & crypto wallets worldwide.

Don't be a victim, read details here — https://thehackernews.com/2023/05/new-stealthy-bandit-stealer-targeting.html

Python Package Index (PyPI) now mandates 2-factor authentication for all project maintainers to prevent account takeover attacks and safeguard the software supply chain.

Learn more: https://thehackernews.com/2023/05/pypi-implements-mandatory-two-factor.html

🔒 Beware! A new phishing technique called "file archiver in the browser" has emerged. It cleverly imitates legitimate file archiver software, like WinRAR, right in your web browser using a .ZIP domain.

Read details: https://thehackernews.com/2023/05/dont-click-that-zip-file-phishers.html

🚨 Linux routers in Japan are under attack by a sneaky new villain named GobRAT.

But how does it sneak in and wreak havoc? Let's dive in: https://thehackernews.com/2023/05/new-gobrat-remote-access-trojan.html

💣 AceCryptor: the crypter malware that packs a punch! Since 2016, it's been hiding numerous strains of #malware under its cloak.

Read details: https://thehackernews.com/2023/05/acecryptor-cybercriminals-powerful.html

ESET detected over 240,000 instances in 2021 and 2022 alone! That's more than 10,000 hits per month!