📣 ALERT: CISA flags 8 severe vulnerabilities currently exploited in the wild - 6 affecting Samsung phones and 2 in D-Link devices.

Full info here 👉 https://thehackernews.com/2023/07/cisa-flags-8-actively-exploited-flaws.html

🚨 Critical Alert! Over 330,000 FortiGate firewalls are still vulnerable to the critical CVE-2023-27997 RCE exploit!

Don't be a sitting duck, PATCH NOW!

Learn more: https://thehackernews.com/2023/07/alert-330000-fortigate-firewalls-still.html

Neo_Net, a Mexican e-crime actor, is behind an Android malware campaign that's stolen €350,000+ and compromised PII data.

Read details: https://thehackernews.com/2023/07/mexico-based-hacker-targets-global.html

Don't be fooled by the façade - ensure your banking app is legit!

DDoSia attack tool gets an upgrade! Now conceals target lists with new encryption methods.

Learn more: https://thehackernews.com/2023/07/ddosia-attack-tool-evolves-with.html

🔔 Attention companies: the Swedish watchdog warns against using Google Analytics over Data Protection risks linked to U.S. surveillance.

Learn the full story here: https://thehackernews.com/2023/07/swedish-data-protection-authority-warns.html

Meta's Instagram Threads, poised as the next Twitter rival, hits a roadblock in Europe over privacy concerns.

Why? The app's extensive user data collection may not comply with EU's strict privacy standards.

Learn more: https://thehackernews.com/2023/07/instagrams-twitter-alternative-threads.html

🔥Developers, beware! npm packages are vulnerable to "manifest confusion."

This could serve as a backdoor for malicious code, hiding in your project dependencies, potentially triggering a dreaded supply chain attack.

Learn more: https://thehackernews.com/2023/07/nodejs-users-beware-manifest-confusion.html

⚡ Discover the power of automated IoT security testing with BugProve firmware analysis tool.

✅ Detects zero-day vulnerabilities
✅ Monitors emerging threats
✅ Compliance support
✅ Remediation recommendations

Try it for FREE https://thn.news/firmware-analysis-tool
Get 50% OFF - Limited time offer: https://thn.news/BugProve

RedEnergy, a sophisticated stealer-as-a-ransomware threat, is targeting energy utilities, oil, gas, telecom, and machinery sectors, using LinkedIn pages to deceive and compromise valuable information.

Learn more about this cyberattack: https://thehackernews.com/2023/07/redenergy-stealer-as-ransomware-threat.html

Suspected leader of OPERA1ER hacking crew, responsible for $11 Million+ in theft, has been arrested in an international operation.

Learn more here: https://thehackernews.com/2023/07/interpol-nabs-hacking-crew-opera1ers.html

A potentially massive cyberattack campaign is targeting cloud-native environments. Researchers unearthed an aggressive worm exploiting JupyterLab and Docker APIs. It deploys Tsunami malware and hijacks resources.

Read: https://thehackernews.com/2023/07/silentbob-campaign-cloud-native.html

Is your organization eligible for cyber insurance?

Discover the crucial role of regular penetration testing in assessing your cybersecurity risk profile.

Learn more: https://thehackernews.com/2023/07/how-pen-testing-can-soften-blow-on.html

New Linux kernel vulnerability uncovered → StackRot (CVE-2023-3269) opens doors to unauthorized elevated privileges.

Details here: https://thehackernews.com/2023/07/researchers-uncover-new-linux-kernel.html

DDoS attacks are becoming stronger, larger, and more complex! Power spikes from 600 Gbps to 800 Gbps, warns Gcore Radar.

Discover how to combat this growing threat: https://thehackernews.com/2023/07/surviving-800-gbps-storm-gain-insights.html

Iranian nation-state actor TA453 continues to evolve its tactics, deploying novel infection chains and malware (GorjolEcho and NokNok) to infiltrate both Windows and macOS systems.

Learn more: https://thehackernews.com/2023/07/iranian-hackers-sophisticated-malware.html

🚨 New TrueBot variants strike US and Canada. Exploiting Netwrix Auditor's vulnerability, they infiltrate networks, steal data, and distribute ransomware.

Patch up. Details here: https://thehackernews.com/2023/07/cybersecurity-agencies-sound-alarm-on.html

JumpCloud takes precautionary action against an ongoing cybersecurity incident by resetting API keys for affected clients.

Learn more: https://thehackernews.com/2023/07/jumpcloud-resets-api-keys-amid-ongoing.html

Brace yourself for temporary disruptions in certain functionalities.

🔐 Google's latest Android security updates are here! Patching 46 new vulnerabilities, including 3 actively exploited flaws. One flaw enabled spyware infiltration on Samsung devices.

Read details here: https://thehackernews.com/2023/07/google-releases-android-patch-update.html

Microsoft uncovers the ruthless efficiency of ransomware attacks.

In just 5 days, hackers complete the entire attack process, breaching systems, encrypting vital data, and holding organizations hostage.

Details: https://thehackernews.com/2023/07/blackbyte-20-ransomware-infiltrate.html

Mastodon, the decentralized social network, releases critical security update. Update your instance ASAP to prevent potential DoS and remote code execution attacks.

Read details: https://thehackernews.com/2023/07/mastodon-social-network-patches.html

🔒 Yet another critical SQL injection vulnerability (CVE-2023-36934) uncovered in popular MOVEit Transfer—the same software that was exploited in a series of recent cyberattacks to deploy Clop #ransomware.

Read details: https://thehackernews.com/2023/07/another-critical-unauthenticated-sqli.html