Weekly Cybersecurity News

๐‚๐ฒ๐›๐ž๐ซ๐๐ฎ๐ฅ๐ฌ๐ž ๐„๐ฉ๐ข๐ฌ๐จ๐๐ž ๐Ÿ‘

photo of ๐‚๐ฒ๐›๐ž๐ซ๐๐ฎ๐ฅ๐ฌ๐ž ๐„๐ฉ๐ข๐ฌ๐จ๐๐ž ๐Ÿ‘

๐Ÿ•ต๏ธโ€โ™‚๏ธ๐Ÿ”“๐Ÿ’ป VMware's Critical RCE Flaw

โŸถVMware has patched CVE-2024-38812, a critical vCenter Server vulnerability (CVSS 9.8) allowing remote code execution. Make sure you're running the latest version for security!


๐Ÿ•ต๏ธโ€โ™‚๏ธ๐Ÿ”“๐Ÿ’ป Samsung Zero-Day Exploit

โŸถA zero-day in Samsungโ€™s Exynos processors (CVE-2024-44068) is being actively exploited for privilege escalation. Patched in October 2024, this flaw allows attackers to run code via media acceleration vulnerabilities.


๐Ÿ’ณ๐Ÿšจ๐Ÿ”’ Anonymous Sudan Hackers Indicted

โŸถTwo Sudanese nationals have been charged with massive DDoS attacks through Anonymous Sudan, hitting targets like ChatGPT, Microsoft, and AP, causing $10M+ in damages.


๐Ÿ”’โš ๏ธ๐Ÿ’ป Docker API Crypto Mining Attack

โŸถThreat actors are exploiting exposed Docker API servers, using SRBMiner to mine XRP cryptocurrency via the gRPC protocol over h2c.


๐Ÿ”’โš ๏ธ๐Ÿ’ป Zero-Day Targeting Docker Remote APIs

โŸถHackers are exploiting exposed Docker remote APIs with gRPC to deploy crypto miners and malware like perfctl.