🚨 Could Your Device Be a Secret Cybercriminal Tool?
The Federal Office of Information Security (BSI) just disrupted BADBOX, a malware preloaded on common devices like picture frames and cheap android phones.
💡 What’s the risk?
⇢ Devices turned into ad fraud machines, routing hackers' internet traffic.
⇢ Stolen authentication codes, fake Gmail & WhatsApp accounts created.
⚠️ Why it matters:
This isn’t just a malware problem—it's a supply chain crisis. If a device seems "too cheap," it might come with hidden costs.
🔗 Learn more: https://thehackernews.com/2024/12/germany-disrupts-badbox-malware-on.html
The Federal Office of Information Security (BSI) just disrupted BADBOX, a malware preloaded on common devices like picture frames and cheap android phones.
💡 What’s the risk?
⇢ Devices turned into ad fraud machines, routing hackers' internet traffic.
⇢ Stolen authentication codes, fake Gmail & WhatsApp accounts created.
⚠️ Why it matters:
This isn’t just a malware problem—it's a supply chain crisis. If a device seems "too cheap," it might come with hidden costs.
🔗 Learn more: https://thehackernews.com/2024/12/germany-disrupts-badbox-malware-on.html
👍31😱8⚡3🔥2😁1🤔1
⚠️ Ukraine’s SSU uncovered a shocking case involving 15- and 16-year-olds who were tricked by the FSB into espionage missions disguised as innocent quests, assisting in reconnaissance for airstrikes.
🔎 Key Insights:
➟ How: Teens were sent coordinates, tasked to take photos/videos of key locations.
➟ Impact: Data shared via encrypted chats led to airstrikes on Ukrainian soil.
➟ Key Arrests: Ukraine’s SSU detained multiple operatives, including a Russian police officer orchestrating the missions.
Read how Ukraine dismantled this operation and what it means for cyber and physical security.
Full story here: https://thehackernews.com/2024/12/ukrainian-minors-recruited-for-cyber.html
🔎 Key Insights:
➟ How: Teens were sent coordinates, tasked to take photos/videos of key locations.
➟ Impact: Data shared via encrypted chats led to airstrikes on Ukrainian soil.
➟ Key Arrests: Ukraine’s SSU detained multiple operatives, including a Russian police officer orchestrating the missions.
Read how Ukraine dismantled this operation and what it means for cyber and physical security.
Full story here: https://thehackernews.com/2024/12/ukrainian-minors-recruited-for-cyber.html
😁28🤯19👍14🔥6🤔5⚡1👏1
🚨 A new PHP-based backdoor, Glutton, is wreaking havoc across the globe, targeting China, the US, Cambodia, Pakistan, and South Africa. This APT41's toolkit doesn’t stop there—it’s also attacking cybercriminals!
▶ Uses compromised enterprise hosts as bait 🎣
▶ Infects popular PHP frameworks like Laravel and ThinkPHP
▶ Modular framework with 22 unique commands for stealthy infiltration
▶ Surprisingly lacks typical nation-state-level encryption—why?
▶ Leaves no files behind—ensures stealth through FastCGI processes
👉 See how Glutton operates. Read the full story: https://thehackernews.com/2024/12/new-glutton-malware-exploits-popular.html
▶ Uses compromised enterprise hosts as bait 🎣
▶ Infects popular PHP frameworks like Laravel and ThinkPHP
▶ Modular framework with 22 unique commands for stealthy infiltration
▶ Surprisingly lacks typical nation-state-level encryption—why?
▶ Leaves no files behind—ensures stealth through FastCGI processes
👉 See how Glutton operates. Read the full story: https://thehackernews.com/2024/12/new-glutton-malware-exploits-popular.html
🤯16👍6😁4🤔2😱2🔥1
Double Scammed? Here’s How - Fraudsters are re-victimizing people by offering “refunds” via Europol and Interpol-branded scams:
🛑 Fake profiles, stolen accounts, and malicious links.
💸 Promises of recovering stolen money… at a high cost.
Even educated professionals are falling prey to these advanced tactics.
👉 Explore the latest trends and expert analysis here: https://thehackernews.com/2024/12/new-investment-scam-leverages-ai-social.html
🛑 Fake profiles, stolen accounts, and malicious links.
💸 Promises of recovering stolen money… at a high cost.
Even educated professionals are falling prey to these advanced tactics.
👉 Explore the latest trends and expert analysis here: https://thehackernews.com/2024/12/new-investment-scam-leverages-ai-social.html
👍11😁6🔥2
🤖 AI + CI/CD: Innovation or Risk?
The BIG Question: How do you scale AI pipelines without risking compliance failures?
💡 3 Must-Know Facts:
1️⃣ Every 39 seconds, a cyberattack exploits governance gaps.
2️⃣ Weak AI governance can lead to irreversible biases and reputational damage.
3️⃣ Strong governance tracks every update and protects against evolving threats.
Decision-makers, this isn’t just about compliance—it’s about trust, ethics, and staying competitive.
👉 Secure your pipeline. Protect your innovation. Learn how here: https://thehackernews.com/2024/12/data-governance-in-devops-ensuring.html
The BIG Question: How do you scale AI pipelines without risking compliance failures?
💡 3 Must-Know Facts:
1️⃣ Every 39 seconds, a cyberattack exploits governance gaps.
2️⃣ Weak AI governance can lead to irreversible biases and reputational damage.
3️⃣ Strong governance tracks every update and protects against evolving threats.
Decision-makers, this isn’t just about compliance—it’s about trust, ethics, and staying competitive.
👉 Secure your pipeline. Protect your innovation. Learn how here: https://thehackernews.com/2024/12/data-governance-in-devops-ensuring.html
👍13😱4🔥3
A Serbian journalist’s phone was unlocked with Cellebrite’s tools and infected with NoviSpy, a spyware capable of:
📸 Hijacking cameras and microphones
📍 Tracking locations
🗂️ Stealing files, messages, and sensitive data
❓ Why Should You Care? This is the first known case of two invasive tools working together to spy on individuals. The misuse of surveillance tech isn't just about privacy—it's a direct threat to democracy and press freedom.
🔗 Read about the exploit: https://thehackernews.com/2024/12/novispy-spyware-installed-on.html
📸 Hijacking cameras and microphones
📍 Tracking locations
🗂️ Stealing files, messages, and sensitive data
❓ Why Should You Care? This is the first known case of two invasive tools working together to spy on individuals. The misuse of surveillance tech isn't just about privacy—it's a direct threat to democracy and press freedom.
🔗 Read about the exploit: https://thehackernews.com/2024/12/novispy-spyware-installed-on.html
🔥14🤯9👍4⚡3🤔2
Salesforce powers your business—are you securing the valuable data it manages?
Join AppOmni's interactive Salesforce SaaS Security Workshop and learn how to uncover hidden risks, prevent misconfigurations, and secure your critical data.
👉 Save your spot today: https://thn.news/appomni-workshops
Join AppOmni's interactive Salesforce SaaS Security Workshop and learn how to uncover hidden risks, prevent misconfigurations, and secure your critical data.
👉 Save your spot today: https://thn.news/appomni-workshops
👍5🔥4😁2
🚨 Malvertising Nightmare: A single ad network has been weaponized to target users with fake CAPTCHA scams, stealing credentials and money from thousands every day.
What’s happening?
🖥️ Over 3,000+ websites funnel traffic to malicious CAPTCHA pages.
💾 Victims unknowingly run dangerous PowerShell commands.
💸 Accounts and funds drained through info-stealing malware like Lumma.
👉 Learn the full story here: https://thehackernews.com/2024/12/deceptionads-delivers-1m-daily.html
What’s happening?
🖥️ Over 3,000+ websites funnel traffic to malicious CAPTCHA pages.
💾 Victims unknowingly run dangerous PowerShell commands.
💸 Accounts and funds drained through info-stealing malware like Lumma.
👉 Learn the full story here: https://thehackernews.com/2024/12/deceptionads-delivers-1m-daily.html
👍16🔥5😁5
🛡️ FBI: Hackers are hijacking IoT devices (web cameras, DVRs) using old vulnerabilities and weak passwords.
🛡️ CISA: Actively exploited flaws in Adobe ColdFusion and Windows Kernel. Public exploits exist.
🛡️ Routers: Over 20,000 DrayTek routers hit by ransomware via a zero-day exploit.
🔒 What’s the pattern? Unpatched systems + edge devices = easy targets for attackers.
—Patch critical systems immediately.
—Audit IoT, routers, and edge devices.
Enforce strong passwords and proactive monitoring.
🔗 Full analysis: https://thehackernews.com/2024/12/cisa-and-fbi-raise-alerts-on-exploited.html
🛡️ CISA: Actively exploited flaws in Adobe ColdFusion and Windows Kernel. Public exploits exist.
🛡️ Routers: Over 20,000 DrayTek routers hit by ransomware via a zero-day exploit.
🔒 What’s the pattern? Unpatched systems + edge devices = easy targets for attackers.
—Patch critical systems immediately.
—Audit IoT, routers, and edge devices.
Enforce strong passwords and proactive monitoring.
🔗 Full analysis: https://thehackernews.com/2024/12/cisa-and-fbi-raise-alerts-on-exploited.html
👍24🤔5⚡4🔥1
🛑 The Mask APT is back—this time, they’re smarter.
A decade-old espionage group is exploiting trusted tools like MDaemon WorldClient and HitmanPro drivers to bypass your defenses—undetected.
—They infect Windows, macOS, Android, and iOS seamlessly.
—New attacks spotted in 2019, 2022, and 2024 prove their persistence.
—Goreto malware uses Google Drive to fetch commands, leveraging tools we all rely on.
🔗 Full analysis reveals how this group operates: https://thehackernews.com/2024/12/the-mask-apt-resurfaces-with.html
A decade-old espionage group is exploiting trusted tools like MDaemon WorldClient and HitmanPro drivers to bypass your defenses—undetected.
—They infect Windows, macOS, Android, and iOS seamlessly.
—New attacks spotted in 2019, 2022, and 2024 prove their persistence.
—Goreto malware uses Google Drive to fetch commands, leveraging tools we all rely on.
🔗 Full analysis reveals how this group operates: https://thehackernews.com/2024/12/the-mask-apt-resurfaces-with.html
👍15🔥8👏4⚡3😱1
⚠️ Would you trust “UpdateMe.exe” or “SecurityPatch.exe”?
Cybercriminals are disguising malware as software updates to deliver CoinLurker, a stealer targeting cryptocurrency wallets.
❓ Did you know:
• Evades detection using stolen EV certificates and advanced obfuscation
• Steals data from crypto wallets (Bitcoin, Ledger Live, Exodus)
• Harvests credentials from tools like Telegram, Discord, FileZilla
🛡️ Protect Your Team:
• Use ad-blocking tools to filter suspicious links
• Train employees to spot fake software updates
• Monitor downloads for anomalies
👉 Read details here: https://thehackernews.com/2024/12/hackers-exploit-webview2-to-deploy.html
Cybercriminals are disguising malware as software updates to deliver CoinLurker, a stealer targeting cryptocurrency wallets.
❓ Did you know:
• Evades detection using stolen EV certificates and advanced obfuscation
• Steals data from crypto wallets (Bitcoin, Ledger Live, Exodus)
• Harvests credentials from tools like Telegram, Discord, FileZilla
🛡️ Protect Your Team:
• Use ad-blocking tools to filter suspicious links
• Train employees to spot fake software updates
• Monitor downloads for anomalies
👉 Read details here: https://thehackernews.com/2024/12/hackers-exploit-webview2-to-deploy.html
😁21👏9⚡5👍5🔥1
⚠️ Imagine this: Your team downloads what looks like a regular PDF. Behind the scenes? Malware that steals data, controls devices, and watches everything.
This isn’t fiction. The Bitter APT group is targeting high-value Turkish defense firm using:
• Fake World Bank PDFs as lures.
• NTFS Alternate Data Streams (ADS) to hide PowerShell malware inside harmless files.
• WmRAT & MiyaRAT to steal data, take screenshots, and run remote commands.
🔗 Learn more: https://thehackernews.com/2024/12/bitter-apt-targets-turkish-defense.html
This isn’t fiction. The Bitter APT group is targeting high-value Turkish defense firm using:
• Fake World Bank PDFs as lures.
• NTFS Alternate Data Streams (ADS) to hide PowerShell malware inside harmless files.
• WmRAT & MiyaRAT to steal data, take screenshots, and run remote commands.
🔗 Learn more: https://thehackernews.com/2024/12/bitter-apt-targets-turkish-defense.html
🔥26👍3🤔3🤯2😱2
🔒 Is your team hunting threats... or drowning in data?
Cyber attackers don’t wait. Neither should you. 5 expert techniques from @anyrun_app can help you:
• Spot threats targeting your region
• Validate suspicious IPs & scripts fast
• Track evolving TTPs to stay ahead of attackers
• Build real-time threat intel for proactive defense
⏱️ Early detection = less damage, fewer disruptions, and smarter resource allocation.
👉 Start preventing attacks. Learn the techniques here: https://thehackernews.com/2024/12/5-practical-techniques-for-effective.html
Cyber attackers don’t wait. Neither should you. 5 expert techniques from @anyrun_app can help you:
• Spot threats targeting your region
• Validate suspicious IPs & scripts fast
• Track evolving TTPs to stay ahead of attackers
• Build real-time threat intel for proactive defense
⏱️ Early detection = less damage, fewer disruptions, and smarter resource allocation.
👉 Start preventing attacks. Learn the techniques here: https://thehackernews.com/2024/12/5-practical-techniques-for-effective.html
👍15🔥4⚡2😁2
💣 From LNK to MSC — Tax-themed phishing lures are delivering stealthy backdoors using MSC files disguised as PDFs to target Pakistan.
» MSC files mimic legit Windows Management tools, making detection harder.
» The attack combines stealthy delivery and scheduled tasks for persistence.
🔗 Details here: https://thehackernews.com/2024/12/hackers-use-microsoft-msc-files-to.html
» MSC files mimic legit Windows Management tools, making detection harder.
» The attack combines stealthy delivery and scheduled tasks for persistence.
🔗 Details here: https://thehackernews.com/2024/12/hackers-use-microsoft-msc-files-to.html
🔥18👍9🤔3⚡2
⚠️ DarkGate isn’t new – but its delivery methods are evolving.
Attackers are now impersonating external suppliers on Microsoft Teams calls, tricking victims into installing AnyDesk for remote access.
🔍 DarkGate's Capabilities: Keylogging, screen capture, credential theft, and audio recording.
👉 Read the full article here: https://thehackernews.com/2024/12/attackers-exploit-microsoft-teams-and.html
Attackers are now impersonating external suppliers on Microsoft Teams calls, tricking victims into installing AnyDesk for remote access.
🔍 DarkGate's Capabilities: Keylogging, screen capture, credential theft, and audio recording.
👉 Read the full article here: https://thehackernews.com/2024/12/attackers-exploit-microsoft-teams-and.html
👍18😁8⚡4🔥1
🔥 A critical Apache Struts vulnerability (CVE-2024-53677) with a 9.5/10 CVSS score is actively being exploited, putting corporate IT stacks at risk.
» Hackers are uploading malicious files, enabling remote code execution.
» Systems running Struts versions 2.0.0 to 6.3.0.2 are vulnerable.
👉 Don’t be tomorrow’s headline. Upgrade to Struts 6.4.0+ and adopt the Action File Upload mechanism NOW to stay secure.
Find details here: https://thehackernews.com/2024/12/patch-alert-critical-apache-struts-flaw.html
» Hackers are uploading malicious files, enabling remote code execution.
» Systems running Struts versions 2.0.0 to 6.3.0.2 are vulnerable.
👉 Don’t be tomorrow’s headline. Upgrade to Struts 6.4.0+ and adopt the Action File Upload mechanism NOW to stay secure.
Find details here: https://thehackernews.com/2024/12/patch-alert-critical-apache-struts-flaw.html
👍17🔥6⚡4🤔2😱1
🔒 Meta under fire (again): The 2018 Facebook breach has just cost the company €251 million—and exposed 29 million accounts worldwide, including sensitive data such as emails, phone numbers, and even children’s information.
A flaw in the 👀 “View As” feature allowed attackers to steal access tokens and compromise user accounts.
👉 Learn more about the case: https://thehackernews.com/2024/12/meta-fined-251-million-for-2018-data.html
A flaw in the 👀 “View As” feature allowed attackers to steal access tokens and compromise user accounts.
👉 Learn more about the case: https://thehackernews.com/2024/12/meta-fined-251-million-for-2018-data.html
🔥20😁12👍8⚡2
🔒 “Words matter,” says INTERPOL.
Shifting from "pig butchering" to "romance baiting" shifts the narrative to support victims, not shame them.
Victims are not just losing money—they're trapped in emotional manipulation by transnational organized crime groups.
Read to know how these scams operate and how to defend against them 👉 https://thehackernews.com/2024/12/interpol-pushes-for-romance-baiting-to.html
Shifting from "pig butchering" to "romance baiting" shifts the narrative to support victims, not shame them.
Victims are not just losing money—they're trapped in emotional manipulation by transnational organized crime groups.
Read to know how these scams operate and how to defend against them 👉 https://thehackernews.com/2024/12/interpol-pushes-for-romance-baiting-to.html
👏12👍4⚡3😁2🔥1🤔1
APT29, a Russia-linked threat group, is repurposing legitimate red team tools for cyberespionage:
» Targeting: Governments, researchers, and think tanks
» Scale: 200 victims hit in just one day
» Method: Malicious RDP files that bypass malware defenses
Why should you care? These attacks silently steal data like credentials and sensitive documents—without leaving a trace.
🔗 Stay informed. Details here: https://thehackernews.com/2024/12/apt29-hackers-target-high-value-victims.html
» Targeting: Governments, researchers, and think tanks
» Scale: 200 victims hit in just one day
» Method: Malicious RDP files that bypass malware defenses
Why should you care? These attacks silently steal data like credentials and sensitive documents—without leaving a trace.
🔗 Stay informed. Details here: https://thehackernews.com/2024/12/apt29-hackers-target-high-value-victims.html
🔥14👍5😁3⚡1
🔒 2024’s Cybersecurity Benchmark is Here! Cynet just achieved 100% Detection Visibility and 100% Protection in the 2024 MITRE ATT&CK Evaluation.
Here’s why this matters:
🛡️ 100% Detection across every test.
🚫 No false positives, no delays.
🔒 Protection on every attack step executed.
Evaluate how your current vendor compares. Read more about Cynet’s performance: https://thehackernews.com/2024/12/only-cynet-delivers-100-protection-and.html
Here’s why this matters:
🛡️ 100% Detection across every test.
🚫 No false positives, no delays.
🔒 Protection on every attack step executed.
Evaluate how your current vendor compares. Read more about Cynet’s performance: https://thehackernews.com/2024/12/only-cynet-delivers-100-protection-and.html
😁14👍10⚡5🔥1