BleepingComputer:
- MOVEit Zero-Day Exploited by Chinese Hackers: Chinese hackers have been actively exploiting a zero-day vulnerability in the MOVEit software. This flaw allows unauthorized access to sensitive data, posing a significant threat to users. The vulnerability has already been patched, and users are urged to update their systems immediately (Security Affairs).
- Microsoft Defender Flaw Exploited: Cybercriminals have been leveraging a flaw in Microsoft Defender to distribute various malware, including ACR, Lumma, and Meduza stealers. This vulnerability allows attackers to bypass security protocols and execute malicious code on affected systems (The Hacker News).
DarkReading:
- New macOS Spyware 'CloudMensis': ESET researchers have discovered a new macOS spyware, dubbed CloudMensis. This malware uses public cloud storage services like pCloud, Yandex Disk, and Dropbox to receive commands and exfiltrate data from infected systems. CloudMensis targets both Intel and Apple silicon architectures and is primarily used in highly targeted attacks (The Hacker News).
- Chinese Hackers Target Taiwan and U.S. NGOs: Chinese cybercriminals have been identified targeting Taiwanese and U.S. non-governmental organizations (NGOs) using MgBot and MACMA malware. These attacks aim to gather intelligence and disrupt operations of targeted entities (The Hacker News).
The Hacker News:
- Critical Flaw in Windows Containers: Microsoft issued an emergency patch for a critical vulnerability in the Windows Host Compute Service Shim (hcsshim). This flaw, tracked as CVE-2018-8115, allows remote code execution on Windows hosts via Docker container images. Users are advised to update to the latest version to mitigate the risk (The Hacker News).
For more detailed information, you can visit the articles on BleepingComputer, DarkReading, and The Hacker News.