Heads up! A massive campaign involving over 1,000 fraudulent cryptocurrency websites has scammed thousands of people worldwide with false promises of huge rewards.

Don't fall for their trickery — spread the word: https://thehackernews.com/2023/06/beware-1000-fake-cryptocurrency-sites.html

Security researcher uncovers major vulnerabilities in Honda's e-commerce platform, exposing sensitive dealer information. This flaw could have allowed unrestricted access to data.

Learn more: https://thehackernews.com/2023/06/password-reset-hack-exposed-in-hondas-e.html

Researchers have uncovered a new flaw (CVE-2023-28299) in the Microsoft Visual Studio installer that could allow attackers to impersonate trusted publishers and distribute malicious extensions.

Read details: https://thehackernews.com/2023/06/researchers-uncover-publisher-spoofing.html

Cybersecurity is evolving! Attack Surface Management is leading the 💪 frontlines. Want to know why it's critical for your organization?

👉 Learn more: https://thehackernews.com/2023/06/why-now-rise-of-attack-surface.html

Two Russian masterminds charged for orchestrating the 2014 Mt. Gox cryptocurrency exchange hack. These hackers stole a whopping 647,000 bitcoins and contributed to the exchange's collapse.

Read details: https://thehackernews.com/2023/06/two-russian-nationals-charged-for.html

⚠️ Attention, organizations! A global wave of email attacks is underway! Hackers are using "adversary-in-the-middle" techniques to bypass Office365 authentication and gain persistent access to compromised accounts.

Learn more: https://thehackernews.com/2023/06/adversary-in-middle-attack-campaign.html

Hackers are actively exploiting the latest Fortinet's FortiOS and FortiProxy flaw, targeting government, manufacturing, and critical infrastructure sectors.

Learn more: https://thehackernews.com/2023/06/critical-fortios-and-fortiproxy.html

Take immediate action and update to the latest firmware now!

Heads up, everyone! DoubleFinger, a multi-stage loader, delivers the notorious GreetingGhoul stealer, targeting cryptocurrency users worldwide in Europe, the U.S., and Latin America.

Learn more: https://thehackernews.com/2023/06/beware-new-doublefinger-loader-targets.html

Attention! Microsoft just released software updates to fix over 70 security vulnerabilities.

It's a relatively light patch load this month, and the best part? No active exploitation of zero-day vulnerabilities reported.

Read: https://thehackernews.com/2023/06/microsoft-releases-updates-to-patch.html

Researchers uncover Skuld, a potent Golang-based information stealer that targets Discord, web browsers, and sensitive files on Windows systems.

Read: https://thehackernews.com/2023/06/new-golang-based-skuld-malware-stealing.html

Heads up, online store owners! A critical flaw has been discovered in the WooCommerce Stripe Gateway WordPress plugin, potentially exposing sensitive information.

Learn more: https://thehackernews.com/2023/06/critical-security-vulnerability.html

🚨 ALERT: Several fake researcher accounts on GitHub are pushing malicious code, claiming to exploit zero-day flaws in Discord, Google Chrome, and Microsoft Exchange.

Learn more: https://thehackernews.com/2023/06/fake-researcher-profiles-spread-malware.html

🔓 Two severe security vulnerabilities have been disclosed in microsoft Azure Bastion and Container Registry, potentially enabling unauthorized access and data compromise.

Learn more: https://thehackernews.com/2023/06/severe-vulnerabilities-reported-in.html

Chinese state-sponsored group UNC3886 exploits a zero-day VMware authentication bypass flaw (CVE-2023-20867) to backdoor Windows, Linux, and PhotonOS systems.

Learn about the backdoor tactics: https://thehackernews.com/2023/06/chinese-hackers-exploit-vmware-zero-day.html

LockBit ransomware scheme extorts $91 million from U.S. organizations in a series of devastating attacks since 2020.

Learn more: https://thehackernews.com/2023/06/lockbit-ransomware-extorts-91-million.html

Microsoft reveals a new Russian threat actor, Cadet Blizzard, linked to GRU, with a lower success rate but high destructive activity.

Read about it here: https://thehackernews.com/2023/06/microsoft-warns-of-new-russian-state.html

Russian threat actor Shuckworm escalates cyber assaults on Ukrainian entities, targeting security services and government organizations. New report exposes long-running intrusions and theft of sensitive information.

Read: https://thehackernews.com/2023/06/new-report-reveals-shuckworms-long.html

Researchers uncover a concerning software supply chain attack using expired Amazon S3 buckets to distribute malware-infected binaries.

Read about it here: https://thehackernews.com/2023/06/new-supply-chain-attack-exploits.html

Is your vulnerability management program falling short?

Struggling to align security and non-security teams?

Discover how to overcome the challenge & successfully implement a Continuous Threat Exposure Management (CTEM) program.

Read👉 https://thehackernews.com/2023/05/3-challenges-in-building-continuous.html

Attention Android users: Beware of the latest version of GravityRAT! It disguises itself as messaging apps, stealing WhatsApp backups, deleting call logs, and files.

Learn more about it here: https://thehackernews.com/2023/06/warning-gravityrat-android-trojan.html