Zero-Day ALERT: Update Your Chrome Browser ASAP!

The Hacker News Daily Updates [Newsletter]( [cover]( [Supporting Operational Technology's Cybersecurity Mission with XONA]( Download this paper to discover what the Top 10 Operational Technology Security Controls & Challenges [Download Now]( Sponsored LATEST NEWS Apr 15, 2023 [Google Releases Urgent Chrome Update to Fix Actively Exploited Zero-Day Vulnerability]( Google on Friday released out-of-band updates to resolve an actively exploited zero-day flaw in its Chrome web browser, making it the first such bug to be addressed since the start of the year. Tracked as CVE-2023-2033, the high-severity vulnerability has been described as a type confusion issue in the V8 JavaScript engine. Clement Lecigne of Google's Threat Analysis Group (TAG) has ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [Russia-Linked Hackers Launches Espionage Attacks on Foreign Diplomatic Entities]( The Russia-linked APT29 (aka Cozy Bear) threat actor has been attributed to an ongoing cyber espionage campaign targeting foreign ministries and diplomatic entities located in NATO member states, the European Union, and Africa. According to Poland's Military Counterintelligence Service and the CERT Polska team, the observed activity shares tactical overlaps with a cluster tracked by Microsoft ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [Kodi Confirms Data Breach: 400K User Records and Private Messages Stolen]( Open source media player software provider Kodi has confirmed a data breach after threat actors stole the company's MyBB forum database containing user data and private messages. What's more, the unknown threat actors attempted to sell the data dump comprising 400,635 Kodi users on the now-defunct BreachForums cybercrime marketplace. "MyBB admin logs show the account of a trusted but ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [Severe Android and Novi Survey Vulnerabilities Under Active Exploitation]( The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The two flaws are listed below - CVE-2023-20963 (CVSS score: 7.8) - Android Framework Privilege Escalation Vulnerability CVE-2023-29492 (CVSS score: TBD) - Novi Survey Insecure Deserialization ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [Webinar: Tips from MSSPs to MSSPs – Building a Profitable vCISO Practice]( In today's fast-paced and ever-changing digital landscape, businesses of all sizes face a myriad of cybersecurity threats. Putting in place the right people, technological tools and services, MSSPs are in a great position to ensure their customers' cyber resilience. The growing need of SMEs and SMBs for structured cybersecurity services can be leveraged by MSPs and MSSPs to provide ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [Google Launches New Cybersecurity Initiatives to Strengthen Vulnerability Management]( Google on Thursday outlined a set of initiatives aimed at improving the vulnerability management ecosystem and establishing greater transparency measures around exploitation. "While the notoriety of zero-day vulnerabilities typically makes headlines, risks remain even after they're known and fixed, which is the real story," the company said in an announcement. "Those risks span everything ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [RTM Locker: Emerging Cybercrime Group Targeting Businesses with Ransomware]( Cybersecurity researchers have detailed the tactics of a "rising" cybercriminal gang called "Read The Manual" (RTM) Locker that functions as a private ransomware-as-a-service (RaaS) provider and carries out opportunistic attacks to generate illicit profit. "The 'Read The Manual' Locker gang uses affiliates to ransom victims, all of whom are forced to abide by the gang's strict ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [WhatsApp Introduces New Device Verification Feature to Prevent Account Takeover Attacks]( Popular instant messaging app WhatsApp on Thursday announced a new account verification feature that ensures that malware running on a user's mobile device doesn't impact their account. "Mobile device malware is one of the biggest threats to people's privacy and security today because it can take advantage of your phone without your permission and use your WhatsApp to send unwanted ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [cover]( [Supporting Operational Technology's Cybersecurity Mission with XONA]( Download this paper to discover what the Top 10 Operational Technology Security Controls & Challenges [Download Now]( Sponsored This email was sent to {EMAIL}. You are receiving this newsletter because you opted-in to receive relevant communications from The Hacker News. To manage your email newsletter preferences, please [click here](. Contact The Hacker News: info@thehackernews.com [Unsubscribe]( The Hacker News | Pearls Omaxe, Netaji Subash Place, Pitampura, Delhi 110034 India