The Hacker News

🛑 Attackers are exploiting Fortinet's CVE-2023-48788 (CVSS 9.3) to install remote desktop tools like AnyDesk and ScreenConnect. They’ve already targeted companies across 12 countries, leveraging: » SQL injection for unauthorized access » Password recovery tools like Mimikatz » PowerShell scripts for persistence Don’t just patch vulnerabilities—assume attackers are already inside. Find details here: https://lnkd.in/gGh4r-j5

🔥 A dual Russian-Israeli national charged as the mastermind behind LockBit ransomware—a cyber weapon that caused chaos across 120+ countries and left $500M in illicit profits. » Targeted hospitals, schools, and critical infrastructure. » Gained access to systems using custom malware to disable antivirus. » LockBit is now planning a comeback with version 4.0! Explore the full story of LockBit’s rise and fall: https://lnkd.in/g_zvW_QM

The notorious Lazarus Group is targeting nuclear engineers using trojanized VNC tools disguised as job assessments for aerospace roles. They’ve introduced a new modular malware—CookiePlus—capable of evading top-tier detection systems. 🔗 Explore the full story here: https://lnkd.in/gtcvCxUQ

🚨 WARNING: Two popular npm packages, rspack/core and rspack/cli, were hacked and shipped with crypto-mining malware. 📦 445K+ weekly downloads put global developers at risk. 🔓 Attackers accessed sensitive cloud credentials. 🌍 Malware was targeted to specific countries, bypassing others. These packages are used by giants like Microsoft, Alibaba, and Discord. One compromised package = countless breached systems. 👉 Details: https://lnkd.in/gEJinB93

🔔 Alert: Two critical vulnerabilities in Sophos Firewalls could grant attackers remote code execution and privileged access. 🔧 Action Plan: ✔️ Update to v21 MR1 or newer. ✔️ Restrict SSH access immediately. ✔️ Ensure user portals are not WAN-exposed. 🔗 Full advisory here: https://lnkd.in/g3XCjpjB

🚨 CISA warns of an actively exploited critical flaw (CVE-2024-12356, CVSS: 9.8) in BeyondTrust's Privileged Remote Access (PRA) and Remote Support (RS) products. Attackers can exploit this flaw to run arbitrary commands—no authentication required. Read: https://lnkd.in/g5_j9Aa8

Threat actors are tricking developers with fake npm packages like typescript-eslint lookalikes, amassing thousands of downloads. Compromised tools = compromised enterprises. One wrong download could breach your entire development cycle. 🔒 Your move: ✅ Review your dependencies. ✅ Learn how these attacks work. ✅ Build a resilient security strategy. 👉 Read here: https://lnkd.in/gBedBW29

🚨 What if your device unknowingly became a tool for cybercrime? It’s happening now. Mirai malware strikes Juniper SSR devices, leveraging default passwords to turn them into DDoS attack machines. Over 90% of breached systems had unaltered factory settings. 🔑 Don’t leave the door open. Secure your systems today. Read the full report: https://lnkd.in/gEX6UWQW

🛑 Fortinet's Wireless LAN Manager (FortiWLM) is vulnerable to a path traversal flaw (CVE-2023-34990) with a 9.6/10 CVSS score. Why it’s urgent: It allows attackers to... 1️⃣ Access admin accounts using static session IDs. 2️⃣ Execute unauthorized commands by chaining vulnerabilities. 3️⃣ Gain root access to your network in minutes. 🛠️ Patch now: Affected versions: 8.5.0 to 8.6.5. Fixed in 8.6.6—update immediately. Read: https://lnkd.in/gwRx596m

🔥 Critical Alert: CISA’s new directive, BOD 25-01, sets a new benchmark in cloud security for federal agencies. Why? Misconfigurations and weak controls are opening doors to attackers. Key Deadlines: » By Feb 2025: Identify all cloud tenants » By Apr 2025: Deploy SCuBA assessment tools » By Jun 2025: Implement mandatory policies 🔗 Learn how to protect your communications effectively: https://lnkd.in/gvPhgVB6 🛡️ Regularly update security configurations to reduce your attack surface.