Researchers have uncovered a multi-stage attack involving infected sites, fake Chrome updates, and a JScript downloader to deploy the BadSpace malware.

Learn how to spot and avoid these deceptive prompts: https://thehackernews.com/2024/06/hackers-exploit-legitimate-websites-to.html

Researchers reveal 3-year cyber espionage campaign by China-linked Velvet Ant group, exploiting F5 BIG-IP for persistence and deploying PlugX malware variants.

Read details: https://thehackernews.com/2024/06/china-linked-hackers-infiltrate-east.html

ASUS releases crucial updates for multiple router models to address critical authentication bypass and buffer overflow vulnerabilities.

Read: https://thehackernews.com/2024/06/asus-patches-critical-authentication.html

Learn how integrating security early in DevOps with DevSecOps practices enhances productivity and ensures software integrity

Read: https://thehackernews.com/2024/06/what-is-devsecops-and-why-is-it.html

🚨 Major cybercrime busts!

1️⃣ Two extradited to Singapore for mobile malware, 4,000+ victims.

2️⃣ Taiwan arrests 4 for unauthorized bank transfers, $1.33M seized.

3️⃣ U.S. charges 2 for Empire Market, $430M in illegal trades.

Read: https://thehackernews.com/2024/06/singapore-police-extradites-malaysians.html

VMware has released patches for Cloud Foundation, vCenter Server, and vSphere ESXi to fix critical flaws that could allow RCE and privilege escalation.

Learn more about CVE-2024-37079, CVE-2024-37080 & CVE-2024-37081—and secure your infrastructure now.

https://thehackernews.com/2024/06/vmware-issues-patches-for-cloud.html

Researchers uncover a new malware campaign targeting exposed Docker API endpoints to deliver cryptocurrency miners and remote access tools.

Learn more: https://thehackernews.com/2024/06/new-malware-targets-exposed-docker-apis.html

Cybercriminals exploit free software lures, SEO tricks and social engineering tactics to deploy Hijack Loader, Vidar Stealer, and other malware, targeting unsuspecting users.

Read: https://thehackernews.com/2024/06/cybercriminals-exploit-free-software.html

EU's controversial proposal to scan private messages for CSAM detection raises alarms for end-to-end encryption.

Signal Foundation president warns of severe risks. Learn more: https://thehackernews.com/2024/06/signal-foundation-warns-against-eus.html

Explore the latest trends in SaaS security investment and challenges. Discover how enterprises are enhancing their security strategies to protect critical data and operations.

Read: https://thehackernews.com/2024/06/the-annual-saas-security-report-2025.html

🚨 Attention: Researchers uncover security flaws in the Mailcow mail server suite, affecting all versions prior to 2024-04.

These vulnerabilities allow for arbitrary code execution and admin account takeover.

Find details here: https://thehackernews.com/2024/06/mailcow-mail-server-flaws-expose.html

⚠️ Alert: A new large-scale scam by "markopolo" targets cryptocurrency users with malware-infected applications like Vortax to deliver information stealers such as Rhadamanthys, StealC, and Atomic #macOS Stealer.

🔗 Don't fall for it—get details: https://thehackernews.com/2024/06/warning-markopolos-scam-targeting.html

Void Arachne targets Chinese-speaking users with malicious VPN installers.

This sophisticated attack employs SEO poisoning and promotes compromised MSI files containing nudifiers, deepfake porno-generating software, and AI voice and facial technologies.

https://thehackernews.com/2024/06/void-arachne-uses-deepfakes-and-ai-to.html

Explore the dangers of Google Tag Manager misconfigurations with real-world examples.

Learn how to safeguard your data and comply with privacy laws.

Read: https://thehackernews.com/2024/06/new-case-study-unmanaged-gtm-tags.html

China-linked cyber espionage group UNC3886 exploits zero-day vulnerabilities in Fortinet, Ivanti, and VMware devices and evading detection with advanced techniques.

Discover how they operate: https://thehackernews.com/2024/06/chinese-cyber-espionage-group-exploits.html

⚡ Kraken exchange hacked: $3 Million stolen due to zero-day flaw. Researcher exploits bug, extorts company, refuses to return funds.

Read: https://thehackernews.com/2024/06/kraken-crypto-exchange-hit-by-3-million.html

Kraken working with law enforcement, calls actions criminal.

Discover the latest evasive malware loader, SquidLoader, targeting Chinese organizations via phishing emails. Learn about its advanced anti-analysis techniques and the ongoing threat of loader malware.

Details ➡️ https://thehackernews.com/2024/06/experts-uncover-new-evasive-squidloader.html

🔒 Fickle Stealer, a new Rust-based malware, and AZStealer, an open-source Python stealer, target sensitive data from crypto wallets, browsers, and more through multiple attack chains and exfiltration methods.

Learn more: https://thehackernews.com/2024/06/new-rust-based-fickle-malware-uses.html

Chinese-linked cyber espionage groups have been uncovered in a long-term infiltration of telecom operators in Asia since 2021, deploying custom malware and stealing credentials.

Read: https://thehackernews.com/2024/06/chinese-cyber-espionage-targets-telecom.html

Explore the challenges MSPs face with too many cybersecurity tools and discover how Guardz's unified platform simplifies operations and enhances security.

Read: https://thehackernews.com/2024/06/tool-overload-why-msps-are-still.html