Russian hacker Mikhail Matveev, tied to LockBit & Hive ransomware, arrested in Russia. The US had offered a $10M reward for his role in global ransomware attacks.
Learn more: https://thehackernews.com/2024/11/wanted-russian-cybercriminal-linked-to.html
Operation HAECHI-V, led by INTERPOL and 40 countries, dismantled a massive e-crime syndicate, arresting over 5,500 suspects, seizing $400M in virtual assets, and recovering billions, delivering a strong warning to cybercriminals worldwide.
https://thehackernews.com/2024/12/interpol-arrests-5500-in-global.html
Over a dozen #Android apps on Google Play, downloaded over 8 million times, have been found to carry malware called SpyLoan. These apps prey on vulnerable users seeking quick loans.
These apps don't just trap users in high-interest loans; they steal personal and financial data, leading to extortion and harassment.
Find out how this global scam operates: https://thehackernews.com/2024/12/8-million-android-users-hit-by-spyloan.html
WEBINAR ALERT: Hackers are already targeting AI apps while you're building them. If security isn't baked in, the costs could be devastating.
Ready to future-proof your AI development? Join the webinar that's equipping developers and tech leaders to secure tomorrow's innovations, today.
Register Now: https://thehackernews.com/2024/12/a-guide-to-securing-ai-app-development.html
Manufacturing & healthcare sectors are being targeted by SmokeLoader #malware: modular, evasive, and deadly.
With plugins that steal data, mine crypto, and launch DDoS, no system is safe.
Full story here: https://thehackernews.com/2024/12/smokeloader-malware-resurfaces.html
Over 1,000 victims targeted by the new Horns&Hooves malware campaign.
Using fake emails disguised as customer requests, attackers deploy NetSupport RAT & BurnsRAT, leading to data theft & ransomware risks.
Read more: https://thehackernews.com/2024/12/horns-campaign-delivers-rats-via-fake.html
Kimsuky, a North Korea-aligned #hacking group, now uses Russian email services like Mail[.]ru to disguise phishing attacks aimed at stealing credentials.
Discover how these campaigns operate: https://thehackernews.com/2024/12/north-korean-kimsuky-hackers-use.html
Researchers have uncovered critical vulnerabilities in Palo Alto Networks and SonicWall VPN clients, which could allow attackers to achieve remote code execution on Windows and macOS systems, install malicious root certificates, and execute privileged commands.
A proof-of-concept tool, NachoVPN, has been released.
Read more: https://thehackernews.com/2024/12/nachovpn-tool-exploits-flaws-in-popular.html
Cybersecurity is moving beyond 'castle & moat' defenses. Modern threats target critical systems (lights, water, cities), raising stakes to safety & national security.
Legacy OT systems need modern solutions like PAM & Zero Trust to stay secure.
Learn more: https://thehackernews.com/expert-insights/2024/11/beyond-castle-walls-operational.html
A 10-year-old flaw in Cisco ASA (CVE-2014-2120) is being actively exploited. This vulnerability allows attackers to execute XSS attacks remotely.
If your Cisco ASA isn't updated, you could be the next target.
Learn more: https://thehackernews.com/2024/12/cisco-warns-of-exploitation-of-decade.html
Attacks using stolen credentials are surging, fueled by the rise in infostealers and the criminal marketplaces dealing in them.
TI feeds can alert you to stolen credentials when they appear for sale, but TI providers have no way to check if the credentials are actually valid or not.
Using Push Security, you can now eliminate the noise and get alerts only when verified credentials belonging to your employees appear on criminal marketplaces.
Push's browser extension compares stolen credentials from widely-used TI feeds directly against the credentials your employees are actually using.
Find out more here: https://thn.news/push-credential-detection
A new phishing campaign is slipping past email defenses! Corrupted ZIP files and Office documents bypass antivirus and spam filters, landing directly in your inbox.
Why care? These cleverly crafted files could lead you straight to fake login pages or malware-laden sites. One wrong click could cost your data, or worse.
Read the full breakdown: https://thehackernews.com/2024/12/hackers-use-corrupted-zips-and-office.html
Alert: A critical vulnerability (CVE-2024-10905) in SailPoint's IdentityIQ software exposes sensitive content.
CVSS score? A whopping 10.0, maximum severity.
Affected versions span from 8.2 to 8.4 and earlier, putting countless systems at risk. Static files that should be locked down are now vulnerable to unauthorized access.
Learn more: https://thehackernews.com/2024/12/critical-sailpoint-identityiq.html
Veeam users, take note! A critical flaw in the Service Provider Console (CVE-2024-42448) could allow remote code execution (RCE).
CVSS score: 9.9/10. This is as serious as it gets.
Don't wait, secure your systems today: https://thehackernews.com/2024/12/veeam-issues-patch-for-critical-rce.html
Cybersecurity agencies have issued a coordinated advisory along with an urgent checklist to combat the Salt Typhoon threat, a nation-state group linked to China that has been infiltrating U.S. telecom networks to steal sensitive data.
Dive into the full story: https://thehackernews.com/2024/12/joint-advisory-warns-of-prc-backed.html
A software supply chain attack targeted Solana's popular web3.js npm library (400,000+ weekly downloads). Malicious versions (1.95.6 and 1.95.7) were designed to steal users' private keys and drain cryptocurrency wallets.
The backdoor was cleverly hidden in the "addToQueue" function, seamlessly blending into legitimate code.
Learn more here: https://thehackernews.com/2024/12/researchers-uncover-backdoor-in-solanas.html
Check out @anyrun_app's Black Friday specials:
Get up to 3 sandbox licenses for your team as a gift
Double your search limit in TI Lookup (#ANYRUN's threat intelligence database) for FREE
Secure your deal before Dec 8: https://thn.news/anyrun-black-friday-tg
Europol has dismantled MATRIX, an invite-only encrypted messaging service used by criminals, intercepting 2.3 million messages tied to drug trafficking, arms deals, and money laundering.
Read the full story: https://thehackernews.com/2024/12/europol-dismantles-criminal-messaging.html
Russia-linked APT group Turla has been hijacking the infrastructure of a Pakistani hacking group to spy on Afghan and Indian government targets by deploying custom #malware, TwoDash and Statuezy.
Learn more: https://thehackernews.com/2024/12/russia-linked-turla-exploits-pakistani.html
CISA flags ProjectSend, Zyxel and CyberPanel flaws as actively exploited.
One of these enables attackers to bypass authentication and execute arbitrary commands; ransomware campaigns like PSAUX & Helldown are already exploiting it.
Read: https://thehackernews.com/2024/12/cisa-warns-of-active-exploitation-of.html