U.K. National Crime Agency has disrupted Russian money laundering networks, leading to 84 arrests and the seizure of £20 million in cash and #cryptocurrency.
These networks weren't just about money - they funded Russian espionage and connected to cybercriminal gangs across the globe.
Read more: https://thehackernews.com/2024/12/nca-busts-russian-crypto-networks.html
MirrorFace, a China-linked group, is deploying the dormant ANEL backdoor - unused since 2018 - in a new spear-phishing campaign targeting Japan.
Explore how these tactics are bypassing security measures: https://thehackernews.com/2024/12/anel-and-noopdoor-backdoors-weaponized.html
🚨 Chinese hackers launched a stealthy four-month-long cyberattack targeting a major U.S. organization, harvesting emails and stealing sensitive data.
The attackers exploited Exchange Servers and used advanced tools like FileZilla and PowerShell.
Read the full story: https://thehackernews.com/2024/12/researchers-uncover-4-month-cyberattack.html
🚨 Earth Minotaur is using an advanced toolkit, MOONSHINE, to deploy the DarkNimbus backdoor across Android and Windows devices, targeting vulnerable communities like Tibetans and Uyghurs.
Find details here: https://thehackernews.com/2024/12/hackers-target-uyghurs-and-tibetans.html
🚨 A critical vulnerability (CVE-2024-41713) in Mitel MiCollab could let attackers access sensitive system files and potentially perform unauthorized administrative actions without authentication.
Full details here: https://thehackernews.com/2024/12/critical-mitel-micollab-flaw-exposes.html
Europol has shut down Manson Market, a notorious marketplace facilitating large-scale online fraud, seizing over 50 servers and arresting two suspects.
Learn more: https://thehackernews.com/2024/12/europol-shuts-down-manson-market-fraud.html
🚨 77 banks and crypto exchanges under attack...
DroidBot, a new Android malware, is wreaking havoc across Europe. This $3,000/month malware-as-a-service disguises itself as popular apps to infiltrate devices.
Discover how this hidden threat operates and which countries are under attack: https://thehackernews.com/2024/12/this-3000-android-trojan-targeting.html
⚠️ Gamaredon threat actor is leveraging Cloudflare Tunnels and DNS fast-fluxing to hide malware delivery systems, targeting Ukrainian entities with GammaDrop malware.
Learn about these advanced tactics: https://thehackernews.com/2024/12/hackers-leveraging-cloudflare-tunnels.html
🚨 New Malware Alert! Passwords, cookies, and more - gone in seconds.
The RevC2 backdoor, part of the More_eggs operation, is now stealing browser data using WebSockets.
Read the full story here: https://thehackernews.com/2024/12/moreeggs-maas-expands-operations-with.html
🚨 New vulnerabilities in MLflow, H2O, PyTorch, and MLeap expose open-source machine learning (ML) tools and AI frameworks to the risk of remote code execution.
Read the full story for more details: https://thehackernews.com/2024/12/researchers-uncover-flaws-in-popular.html
A Russian programmer's Android phone was secretly implanted with spyware by the FSB after his detention for allegedly donating to Ukraine.
The spyware could record phone calls, track location, log keystrokes, and even extract encrypted messages.
Learn how this spyware operates: https://thehackernews.com/2024/12/fsb-uses-trojan-app-to-monitor-russian.html
When democracy doesn't go your way… Just Reset™
Romania's Constitutional Court annulled the presidential election after the losing government cried foul over Russian interference, claiming 25,000 TikTok accounts and 85,000 cyberattacks swayed the results.
Read the details: https://thehackernews.com/2024/12/romania-cancels-presidential-election.html
🚨 Cybercriminals are luring Web3 professionals into traps using fake video conferencing apps.
These apps deliver "Realst," an information stealer targeting sensitive data like #cryptocurrency wallets and Telegram credentials.
Read here: https://thehackernews.com/2024/12/hackers-using-fake-video-conferencing.html
🚨 Software supply chain attack alert!
Two popular Python AI library versions, Ultralytics 8.3.41 & 8.3.42, were compromised to deliver cryptocurrency miners.
Read details here: https://thehackernews.com/2024/12/ultralytics-ai-library-compromised.html
🚨 A botnet named Socks5Systemz has infected over 85,000 machines worldwide, transforming them into anonymous proxy servers marketed on PROXY[.]AM for as much as $700/month.
Learn more: https://thehackernews.com/2024/12/socks5systemz-botnet-powers-illegal.html
Identity isn't enough. Privileged access needs extra layers of security.
From privilege elevation to quantum-safe connections, here are 7 bolt-ons IAMs like Entra ID need now.
Secure your critical sessions. Read more: https://thehackernews.com/2024/12/seven-bolt-ons-to-make-your-entra-id.html
Researchers uncover DeepSeek's XSS vulnerability and Anthropic's Claude's "ZombAIs" technique, revealing how prompt injection can hijack user accounts and execute malicious commands.
Learn how these attacks work: https://thehackernews.com/2024/12/researchers-uncover-prompt-injection.html
Exabyte-scale data is here, and traditional methods can't handle the challenges of securing it across multi-cloud environments.
Learn how Sentra's Data Security Platform helps organizations tackle these challenges.
Read: https://thn.news/sentra-exabyte-data-security
🚨 Black Basta ransomware operators have adopted new social engineering tricks, targeting victims with email bombs and impersonating IT staff on Microsoft Teams.
Click for insights: https://thehackernews.com/2024/12/black-basta-ransomware-evolves-with.html
⚠️ A Russia-linked group, UAC-0185, is ramping up phishing attacks targeting Ukraine's defense forces. These attacks use malware delivered through malicious links, leveraging PowerShell scripts and HTML applications to install remote control tools like MeshAgent, giving attackers full access to compromised systems.
Full details: https://thehackernews.com/2024/12/cert-ua-warns-of-phishing-attacks.html