🕵️‍♂️ Researchers unveil SnailLoad — a new side-channel attack exploiting network latency spy on users' web activity remotely, achieving up to 98% for video content and 63% for website visits.

Read: https://thehackernews.com/2024/06/new-snailload-attack-exploits-network.html

From PowerShell scripts to mimicking legitimate apps, discover how the 8220 Gang exploits Oracle WebLogic Server vulnerabilities using fileless techniques for cryptocurrency mining.

Read: https://thehackernews.com/2024/06/8220-gang-exploits-oracle-weblogic.html

Don't let your #SaaS become a trojan horse!

Threat actors exploit misconfigured settings, dormant machine IDs, unauthorized access to breach networks. Extend Zero Trust to SaaS with posture management to lock it down.

Learn more: https://thehackernews.com/2024/06/combatting-evolving-saas-kill-chain-how.html

GitLab releases security updates fixing 14 vulnerabilities, including critical CI/CD flaw CVE-2024-5655. Update now to ensure protection.

Read: https://thehackernews.com/2024/06/gitlab-releases-patch-for-critical-cicd.html

🚨 Just when you thought your biggest online worry was autocorrect... Think again!

North Korean Kimsuky group is using a new malicious Chrome extension, TRANSLATEXT, to steal sensitive info from South Korean academia.

Details here: https://thehackernews.com/2024/06/kimsuky-using-translatext-chrome.html

⚠️ Attention website operators! Starting Nov 1, 2024, Google Chrome will block sites using Entrust certificates due to security issues.

Read: https://thehackernews.com/2024/06/google-to-block-entrust-certificates-in.html

Don't get caught off guard—switch to a trusted CA before it's too late.

🚨 Critical Alert for Network Admins!

Juniper Networks just dropped an urgent security patch.

➟ CVE-2024-2973: Authentication bypass flaw
➟ CVSS score: 10.0
➟ Affects Session Smart Router & Conductor in HA configs

Read: https://thehackernews.com/2024/07/juniper-networks-releases-critical.html

🚨 A critical OpenSSH flaw (CVE-2024-6387) allows unauthenticated remote code execution on glibc-based Linux systems. 14 million servers at risk.

https://thehackernews.com/2024/07/new-openssh-vulnerability-could-lead-to.html

Apply the latest patches now!

🛑 ALERT: Software from Conceptworld trojanized to spread info-stealing malware!

If you downloaded Notezilla, RecentX, or Copywhiz in June, check your systems NOW!

Details here: https://thehackernews.com/2024/07/indian-software-firms-products-hacked.html

Explore end-to-end secrets security strategies to protect machine identities, prevent breaches, and empower developers with secure credential management practices.

Read: https://thehackernews.com/2024/07/end-to-end-secrets-security-making-plan.html

Transparent Tribe launches a new Android malware campaign, targeting mobile users with CapraRAT spyware disguised as popular apps.

Read: https://thehackernews.com/2024/07/caprarat-spyware-disguised-as-popular.html

🔒 iOS & macOS devs, heads up!

Discover how 3 new vulnerabilities in CocoaPods, a popular Apple developer tool, could lead to supply chain attacks on iOS & macOS apps.

Details here: https://thehackernews.com/2024/07/critical-flaws-in-cocoapods-expose-ios.html

Ensure your dependencies are up-to-date.

⚠️ Think twice before connecting to "free" Wi-Fi...

A 42-year-old Australian man charged for running fake Wi-Fi hotspots on 🛫 flights to steal personal data of passengers.

Learn more: https://thehackernews.com/2024/07/australian-man-charged-for-fake-wi-fi.html

Heads up! China-linked hackers are exploiting a zero-day vulnerability in Cisco NX-OS to execute commands as root, undetected, and deliver malware.

Read details: https://thehackernews.com/2024/07/chinese-hackers-exploiting-cisco.html

🌐 Meta's ad-free option in the E.U. hits another roadblock! Regulators say "pay or consent" model breaches competition rules.

But is offering choices really a breach? What’s your take?

Read: https://thehackernews.com/2024/07/metas-pay-or-consent-approach-faces-eu.html

🚨 New CPU vulnerability alert!

Intel's Raptor Lake & Alder Lake CPUs at risk from "Indirector" side-channel attack.

Read: https://thehackernews.com/2024/07/new-intel-cpu-vulnerability-indirector.html

Could leak sensitive data.

🔐 Average ransomware payment hits $2M, up 500%! Time to ditch outdated MFA and secure your organization with next-gen MFA to defend against sophisticated attacks.

Learn more: https://thehackernews.com/2024/07/how-mfa-failures-are-fueling-500-surge.html

IDC Spotlight: Creating a Cohesive Disaster and Cyber Recovery Strategy. Discover why IDC recommends an integrated approach for Cyber Recovery in 2024/2025.

Read: https://thn.news/cohesive-recovery-strategy

⚠️ Alert - A South Korean ERP vendor's update server was hacked to deliver a Go-based backdoor dubbed Xctdoor, stealing sensitive business info with keystrokes and screenshots.

Learn more: https://thehackernews.com/2024/07/south-korean-erp-vendors-server-hacked.html

Israeli entities are under attack by hackers using public frameworks like Donut and Sliver. The campaign, dubbed "Supposed Grasshopper," is using custom WordPress sites for payload delivery.

Learn more: https://thehackernews.com/2024/07/israeli-entities-targeted-by.html