π¨ New Vulnerability Alert!
CISA has added another critical BeyondTrust flaw to its "Known Exploited Vulnerabilities" catalogβthis time, impacting Privileged Remote Access (PRA) and Remote Support (RS).
Attackers are actively exploiting it β CVE-2024-12686.
Read more: https://thehackernews.com/2025/01/cisa-adds-new-beyondtrust-flaw-to-kev.html
CISA has added another critical BeyondTrust flaw to its "Known Exploited Vulnerabilities" catalogβthis time, impacting Privileged Remote Access (PRA) and Remote Support (RS).
Attackers are actively exploiting it β CVE-2024-12686.
Read more: https://thehackernews.com/2025/01/cisa-adds-new-beyondtrust-flaw-to-kev.html
π15π4
β οΈ VMware vCenter = Goldmine for Attackers.
Attackers are exploiting root-level access with the βvpxuserβ account to control ESXi infrastructure. If itβs breached, everything is at risk.
π Discover expert tips on strengthening your defenses and preventing catastrophic breaches: https://thehackernews.com/2025/01/ransomware-on-esxi-mechanization-of.html
Attackers are exploiting root-level access with the βvpxuserβ account to control ESXi infrastructure. If itβs breached, everything is at risk.
π Discover expert tips on strengthening your defenses and preventing catastrophic breaches: https://thehackernews.com/2025/01/ransomware-on-esxi-mechanization-of.html
π17π3π€―1
A new credit card skimmer targeting WordPress e-commerce sites has been discovered.
β€· Malicious JavaScript code is injected into WordPress databases.
β€· It activates ONLY on checkout pages to steal sensitive payment info.
β€· This stealthy malware evades traditional detection tools, making it a serious threat.
This attack is incredibly difficult to spot, putting your customers' data and your reputation at risk.
π Read more: https://thehackernews.com/2025/01/wordpress-skimmers-evade-detection-by.html
β€· Malicious JavaScript code is injected into WordPress databases.
β€· It activates ONLY on checkout pages to steal sensitive payment info.
β€· This stealthy malware evades traditional detection tools, making it a serious threat.
This attack is incredibly difficult to spot, putting your customers' data and your reputation at risk.
π Read more: https://thehackernews.com/2025/01/wordpress-skimmers-evade-detection-by.html
π₯20π11π€―8
β οΈ WARNING: Zero-Day Exploit Likely Behind Fortinet Attack.
Attackers created super admin accounts, hijacked SSL VPNs, and moved laterally through networks to extract credentials.
Learn more in the full article: https://thehackernews.com/2025/01/zero-day-vulnerability-suspected-in.html
Attackers created super admin accounts, hijacked SSL VPNs, and moved laterally through networks to extract credentials.
Learn more in the full article: https://thehackernews.com/2025/01/zero-day-vulnerability-suspected-in.html
π€―23π8π₯8π€3
HuiOne Guarantee, an illicit Telegram-based marketplace, has surpassed Hydra with $24B in crypto inflows.
β€· $150K funneled from North Koreaβs Lazarus hacking group π»
β€· Facilitating romance scams, human trafficking, and money laundering
β€· Monthly inflows up 51% since July 2024 π
Learn more: https://thehackernews.com/2025/01/illicit-huione-telegram-market.html
β€· $150K funneled from North Koreaβs Lazarus hacking group π»
β€· Facilitating romance scams, human trafficking, and money laundering
β€· Monthly inflows up 51% since July 2024 π
Learn more: https://thehackernews.com/2025/01/illicit-huione-telegram-market.html
π16π7π€4π1
π¨ Russian cyber attackers are actively targeting Kazakhstanβs Ministry of Foreign Affairsβthis isn't just a cyber attack; itβs an espionage campaign to steal sensitive political and economic data.
The attackers use infected Microsoft Office docs to bypass security and deploy powerful malware like HATVIBEβdesigned to remain undetected.
Learn more: https://thehackernews.com/2025/01/russian-linked-hackers-target.html
The attackers use infected Microsoft Office docs to bypass security and deploy powerful malware like HATVIBEβdesigned to remain undetected.
Learn more: https://thehackernews.com/2025/01/russian-linked-hackers-target.html
π22π₯7π±7π€5π3π€―1
π¨ 4 Reasons Your SaaS Attack Surface Can No Longer be Ignored in 2025!
π 200 new SaaS accounts/month for 100 employeesβeach a potential breach point.
π― 50% of breaches target SaaS apps.
π€ Unmanaged GenAI tools pose huge security risks.
βοΈ Weak SaaS security = GDPR/CCPA violations.
Securing your SaaS is no longer optional!
π Learn how to protect your SaaS environment now: https://thehackernews.com/2025/01/4-reasons-your-saas-attack-surface-can.html
π 200 new SaaS accounts/month for 100 employeesβeach a potential breach point.
π― 50% of breaches target SaaS apps.
π€ Unmanaged GenAI tools pose huge security risks.
βοΈ Weak SaaS security = GDPR/CCPA violations.
Securing your SaaS is no longer optional!
π Learn how to protect your SaaS environment now: https://thehackernews.com/2025/01/4-reasons-your-saas-attack-surface-can.html
π8π2β‘1
π£ Tomorrow! Join a live webinar on AI security. Explore how agentic systems are reshaping traditional DevSecOps practices and discover top AI security use cases in todayβs enterprises.
Join James Berthoty, Ron Bitton, and Dor Sarig for an in-depth discussion on agentic-related risks and a 2025 forecast. Donβt miss out!
π Wednesday, January 15th, 11:30am ET
π Register here: https://thn.news/ai-security-navigating
Join James Berthoty, Ron Bitton, and Dor Sarig for an in-depth discussion on agentic-related risks and a 2025 forecast. Donβt miss out!
π Wednesday, January 15th, 11:30am ET
π Register here: https://thn.news/ai-security-navigating
π14π€4π1
Googleβs OAuth login exposes a critical vulnerability, allowing attackers to access old employee accounts simply by purchasing a defunct domain from a failed startup.
Learn how this vulnerability could affect your organization: https://thehackernews.com/2025/01/google-oauth-vulnerability-exposes.html
Learn how this vulnerability could affect your organization: https://thehackernews.com/2025/01/google-oauth-vulnerability-exposes.html
π16π±9π5π€―5π2
π New macOS flaw (CVE-2024-44243) discovered!
Attackers could have bypassed crucial protections to install persistent malware and rootkits, potentially letting them take full control of your system.
Explore the details: https://thehackernews.com/2025/01/microsoft-uncovers-macos-vulnerability.html
Attackers could have bypassed crucial protections to install persistent malware and rootkits, potentially letting them take full control of your system.
Explore the details: https://thehackernews.com/2025/01/microsoft-uncovers-macos-vulnerability.html
π₯13π6π±6π1
π¨ UPDATE: Fortinet Confirms Critical Zero-Day π¨
CVE-2024-55591 in FortiOS & FortiProxy (CVSS 9.6) allows attackers to gain super-admin access & hijack firewalls.
Affected versions: FortiOS 7.0.0-7.0.16 & FortiProxy 7.0.0-7.2.12.
Upgrade now to 7.0.17+ or 7.0.20+ to mitigate risk.
https://thehackernews.com/2025/01/zero-day-vulnerability-suspected-in.html
CVE-2024-55591 in FortiOS & FortiProxy (CVSS 9.6) allows attackers to gain super-admin access & hijack firewalls.
Affected versions: FortiOS 7.0.0-7.0.16 & FortiProxy 7.0.0-7.2.12.
Upgrade now to 7.0.17+ or 7.0.20+ to mitigate risk.
https://thehackernews.com/2025/01/zero-day-vulnerability-suspected-in.html
π₯29π17β‘6π2
π΄ Critical Alert: Microsoft has just released a massive patch for 161 vulnerabilities across its software, including 3 zero-day flaws that have been actively exploited.
β€· CVE-2025-21333
β€· CVE-2025-21334
β€· CVE-2025-21335
Patch now: https://thehackernews.com/2025/01/3-actively-exploited-zero-day-flaws.html
β€· CVE-2025-21333
β€· CVE-2025-21334
β€· CVE-2025-21335
Patch now: https://thehackernews.com/2025/01/3-actively-exploited-zero-day-flaws.html
π28π₯18π6π3β‘2
π¨ Critical Flaws Discovered in SimpleHelp Software!
An attacker could exploit these flaws to execute remote code, steal sensitive data, and bring your entire system down.
β Action required NOW:
β€· SimpleHelp has released critical patches.
β€· Change admin passwords immediately.
β€· Restrict logins to trusted IP addresses.
Read: https://thehackernews.com/2025/01/critical-simplehelp-flaws-allow-file.html
An attacker could exploit these flaws to execute remote code, steal sensitive data, and bring your entire system down.
β Action required NOW:
β€· SimpleHelp has released critical patches.
β€· Change admin passwords immediately.
β€· Restrict logins to trusted IP addresses.
Read: https://thehackernews.com/2025/01/critical-simplehelp-flaws-allow-file.html
π7β‘3π₯3π€2
π₯ FBI removes PlugX malware from 4,250+ compromised computers.
$7 β thatβs all it took for the FBI to sink a hacker-controlled server and trigger a "self-delete" command.
Learn more: https://thehackernews.com/2025/01/fbi-deletes-plugx-malware-from-4250.html
$7 β thatβs all it took for the FBI to sink a hacker-controlled server and trigger a "self-delete" command.
Learn more: https://thehackernews.com/2025/01/fbi-deletes-plugx-malware-from-4250.html
β‘23π7π4π₯1
π¨ Six critical security flaws disclosed in Rsync could allow attackers to execute arbitrary code on clients.
Any server with a public mirror could be exploited, putting SSH keys and other critical files at risk.
Read the full advisory: https://thehackernews.com/2025/01/google-cloud-researchers-uncover-flaws.html
Any server with a public mirror could be exploited, putting SSH keys and other critical files at risk.
Read the full advisory: https://thehackernews.com/2025/01/google-cloud-researchers-uncover-flaws.html
π₯15π8π€―4
β οΈ Cyber-attacks on ICS/OT are escalatingβAre YOU prepared?
β€· ICS/OT security demands custom strategies, not IT playbooks.
β€· Cyber-attacks are growing, threatening power grids, water systems, and more.
π Check out the SANS Five ICS/OT Cybersecurity Critical Controls: https://thehackernews.com/2025/01/the-high-stakes-disconnect-for-icsot.html
β€· ICS/OT security demands custom strategies, not IT playbooks.
β€· Cyber-attacks are growing, threatening power grids, water systems, and more.
π Check out the SANS Five ICS/OT Cybersecurity Critical Controls: https://thehackernews.com/2025/01/the-high-stakes-disconnect-for-icsot.html
π11π€2π₯1
π North Korean hackers behind IT worker fraud linked to 2016 crowdfunding scam!
These attacks arenβt slowing down. With DPRK-backed groups like Lazarus leading crypto thefts, the scale of cybercrime has reached alarming levels.
π Read the full report: https://thehackernews.com/2025/01/north-korean-it-worker-fraud-linked-to.html
These attacks arenβt slowing down. With DPRK-backed groups like Lazarus leading crypto thefts, the scale of cybercrime has reached alarming levels.
π Read the full report: https://thehackernews.com/2025/01/north-korean-it-worker-fraud-linked-to.html
π24π₯2π€2
π΄ Warning: North Koreaβs Lazarus Group is targeting Web3 and cryptocurrency developers!
Fake recruiters on LinkedIn are tricking developers with βcoding projectsβ that lead to malware.
π Learn more about their tactics: https://thehackernews.com/2025/01/lazarus-group-targets-web3-developers.html
Fake recruiters on LinkedIn are tricking developers with βcoding projectsβ that lead to malware.
π Learn more about their tactics: https://thehackernews.com/2025/01/lazarus-group-targets-web3-developers.html
π17π₯10β‘3
π§ A new malvertising campaign is targeting businesses by stealing Google Ads credentials! Hereβs how it works:
β€· Ads that look legitimate lead to fraudulent login pages.
β€· Phishers steal 2FA codes and credentials.
β€· The goal? Hijack Google Ads accounts to run fraudulent ads.
π Read more here: https://thehackernews.com/2025/01/google-ads-users-targeted-in.html
β€· Ads that look legitimate lead to fraudulent login pages.
β€· Phishers steal 2FA codes and credentials.
β€· The goal? Hijack Google Ads accounts to run fraudulent ads.
π Read more here: https://thehackernews.com/2025/01/google-ads-users-targeted-in.html
π17π±7π₯5β‘4π€―2
π¨ URGENT: A Python-based backdoor is now used in RansomHub ransomware attacks after initial access via a fake browser update.
π
Want to learn more? Read: https://thehackernews.com/2025/01/python-based-malware-powers-ransomhub.html
π
Want to learn more? Read: https://thehackernews.com/2025/01/python-based-malware-powers-ransomhub.html
β‘13π2π₯2