🚨 A critical vulnerability in Expo's OAuth implementation 🔐 puts user accounts at risk of hijacking and data theft on popular platforms.

Read this story here: https://thehackernews.com/2023/05/critical-oauth-vulnerability-in-expo.html

📢 Attention, Internet Users! Beware of the relentless Bandit Stealer info-stealer malware, wreaking havoc on web browsers & crypto wallets worldwide.

Don't be a victim, read details here — https://thehackernews.com/2023/05/new-stealthy-bandit-stealer-targeting.html

Python Package Index (PyPI) now mandates 2-factor authentication for all project maintainers to prevent account takeover attacks and safeguard the software supply chain.

Learn more: https://thehackernews.com/2023/05/pypi-implements-mandatory-two-factor.html

🔒 Beware! A new phishing technique called "file archiver in the browser" has emerged. It cleverly imitates legitimate file archiver software, like WinRAR, right in your web browser using a .ZIP domain.

Read details: https://thehackernews.com/2023/05/dont-click-that-zip-file-phishers.html

🚨 Linux routers in Japan are under attack by a sneaky new villain named GobRAT.

But how does it sneak in and wreak havoc? Let's dive in: https://thehackernews.com/2023/05/new-gobrat-remote-access-trojan.html

💣 AceCryptor: the crypter malware that packs a punch! Since 2016, it's been hiding numerous strains of #malware under its cloak.

Read details: https://thehackernews.com/2023/05/acecryptor-cybercriminals-powerful.html

ESET detected over 240,000 instances in 2021 and 2022 alone! That's more than 10,000 hits per month!

💥 BrutePrint: A new attack technique targeting smartphone fingerprint 🔓 authentication.

Find out how logical defects and hardware wizardry create a "middleman" attack on your biometric security.

Read details: https://thehackernews.com/2023/05/new-bruteprint-attack-lets-attackers.html

CAPTCHA-breaking services are on the rise, rendering your security measures ineffective. Find out how they're using actual human solvers to crack CAPTCHAs and helping cybercriminals bypass bot-detection systems.

Read details: https://thehackernews.com/2023/05/captcha-breaking-services-with-human.html

🚨 Attention, Android users in India! Beware of DogeRAT malware! It disguises itself as apps like Opera Mini, as well as premium versions of YouTube, Netflix, and #Instagram.

Read deatils: https://thehackernews.com/2023/05/sneaky-dogerat-trojan-poses-as-popular.html

DogeRAT hijacks devices, steals data, spams, makes unauthorized payments, modifies files, and captures secret photos.

Attention Sonos users! Your favorite wireless speaker might be a gateway for cyberattacks. They're vulnerable to code execution and information disclosure.

Learn more: https://thehackernews.com/2023/05/hackers-win-105000-for-reporting.html

🚨 Urgent alert! Critical zero-day flaw (CVE-2023-2868) exploited for 7 months!

Backdoor access, data exfiltration, and 3 potent malware strains discovered targeting Barracuda's Email Security Gateways.

Learn more: https://thehackernews.com/2023/05/alert-hackers-exploit-barracuda-email.html

Fake software, real danger! RomCom RAT hackers are deploying fake websites to sneak into unsuspecting targets' systems.

Discover more about the tactics behind this threat: https://thehackernews.com/2023/05/romcom-rat-using-deceptive-web-of-rogue.html

Dark Pink APT group strikes again! Five new attacks reported in Belgium, Brunei, Indonesia, Thailand, and Vietnam

Learn how their custom malware, spear-phishing emails, and advanced persistence mechanisms pose an ongoing risk.

Read: https://thehackernews.com/2023/05/dark-pink-apt-group-leverages.html

💻🔒 Microsoft reveals details of a critical Apple macOS vulnerability, dubbed 'Migraine.' From SIP bypass to rootkit installation, this flaw had serious implications.

Read the full story: https://thehackernews.com/2023/05/microsoft-details-critical-apple-macos.html

🚨 Researchers expose backdoor-like behavior in Gigabyte systems, allowing unsecure Windows executable downloads through UEFI firmware. Millions of devices impacted.

Learn more: https://thehackernews.com/2023/05/critical-firmware-vulnerability-in.html

⚠️ Apache NiFi servers at risk! A financially motivated threat actor is targeting unprotected instances, hijacking them to mine cryptocurrencies and move laterally.

Read details: https://thehackernews.com/2023/05/cybercriminals-targeting-apache-nifi.html

⚠️ If you're using the Jetpack plugin, listen up! A critical flaw has been discovered, leaving your WordPress site vulnerable to attacks.

Good news: WordPress has issued an automatic update to address the issue.

Read details: https://thehackernews.com/2023/06/urgent-wordpress-update-fixes-critical.html

U.S. Cybersecurity Agency raises alarm over critical flaw in Zyxel gear! Active exploitation detected. Learn more about the CVE-2023-28771 vulnerability and its potential risks.

Read: https://thehackernews.com/2023/06/active-mirai-botnet-variant-exploiting.html

⚠️ Unmasking ScarCruft's secret weapon! Discover the covert operations of this North Korean state-sponsored group as they employ the powerful RokRAT trojan to breach systems and maintain control.

Read full story here: https://thehackernews.com/2023/06/n-korean-scarcruft-hackers-exploit.html

😼 Sneakier & faster!

New improved BlackCat ransomware variant Sphynx sharpening claws on evasion techniques & encryption.

Find out more: https://thehackernews.com/2023/06/improved-blackcat-ransomware-strikes.html