The post DOGE could scrap identity protections for those impacted by OPM breach, senator warns appeared first on CyberScoop.   – Read More  – CyberScoop 

When Donald Trump was on the campaign trail, he argued that coordination by the Biden administration and social media companies on disinformation during the COVID-19 pandemic and elections amounted to political censorship. He claimed that supposed censorship stifled the free and unencumbered exchange of ideas essential to democracy, and posed a clear threat to the First Amendment. “After years and...

ReversingLabs discovers dbgpkg, a fake Python debugger that secretly backdoors systems to steal data. Researchers suspect a pro-Ukraine…  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

Ivanti EPMM users urgently need to patch against actively exploited 0day vulnerabilities (CVE-2025-4427, CVE-2025-4428) that enable pre-authenticated remote…  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

Coinbase responded to a security incident with combative measures Thursday after the company said cybercriminals bribed some of the cryptocurrency exchange’s international support staff to steal data on customers. The unnamed threat group stole personally identifiable information and other sensitive data on less than 1% of Coinbase’s monthly users, the company said in a blog post. The cybercriminals contacted customers...

The message was consistent at a House cybersecurity hearing Thursday: pass legislation extending an expiring information-sharing law before it lapses in September, and worry about improving it later. Both lawmakers and witnesses at the hearing of the Homeland Security Subcommittee on Cybersecurity and Infrastructure Protection shared that view about the pending expiration of the 2015 Cybersecurity Information Sharing Act, which...

Ascension, one of the largest private healthcare companies in the United States, has confirmed that the personal data of some 437,329 patients has been exposed following an attack by cybercriminals. Read more in my article on the Fortra blog.  – Read More  – Graham Cluley 

Quantum computing is on the verge of revolutionizing the technology landscape, much like AI did in 2024. By the end of 2025, quantum computing will emerge as a defining force, ushering in a new era filled with both unprecedented opportunities and significant challenges in securing digital assets. While state-of-the-art quantum computers aren’t yet capable of threatening cryptographic systems, predictions suggest...

Cybersecurity researchers are calling attention to a new botnet malware called HTTPBot that has been used to primarily single out the gaming industry, as well as technology companies and educational institutions in China. “Over the past few months, it has expanded aggressively, continuously leveraging infected devices to launch external attacks,” NSFOCUS said in a report published this week. “By  –...

Hackers from the Scattered Spider group, known for UK retail attacks, are now targeting US retailers, Google cybersecurity…  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

Data is the lifeblood of productivity, and protecting sensitive data is more critical than ever. With cyber threats evolving rapidly and data privacy regulations tightening, organizations must stay vigilant and proactive to safeguard their most valuable assets. But how do you build an effective data protection framework? In this article, we’ll explore data protection best practices from meeting  – Read...

Welcome to the second day of our first ever Pwn2OwnBerlin. Yesterday, we awarded $260,000 for some amazing research. Today looks to be even better, with more AI on the line, plus SharePoint and VMware ESXi. As always, we’ll be updating this blog with results as we have them. COLLISION – Mohand Acherir & Patrick Ventuzelo (@pat_ventuzelo) of FuzzingLabs (@fuzzinglabs) exploited...

Researchers at ETH Zürich have discovered yet another security flaw that they say impacts all modern Intel CPUs and causes them to leak sensitive data from memory, showing that the vulnerability known as Spectre continues to haunt computer systems after more than seven years. The vulnerability, referred to as Branch Privilege Injection (BPI), “can be exploited to misuse the prediction ...

Cybersecurity researchers have shed light on a new malware campaign that makes use of a PowerShell-based shellcode loader to deploy a remote access trojan called Remcos RAT. “Threat actors delivered malicious LNK files embedded within ZIP archives, often disguised as Office documents,” Qualys security researcher Akshay Thorve said in a technical report. “The attack chain leverages mshta.exe for  – Read...

Modern apps move fast—faster than most security teams can keep up. As businesses rush to build in the cloud, security often lags behind. Teams scan code in isolation, react late to cloud threats, and monitor SOC alerts only after damage is done. Attackers don’t wait. They exploit vulnerabilities within hours. Yet most organizations take days to respond to critical cloud...

The head of the Federal Trade Commission described to lawmakers Thursday new technology, personnel and infrastructure the agency needs as it prepares to implement and enforce the Take It Down Act, placing the FTC’s enforcement wing at the forefront of the fight against nonconsensual deepfake pornography. The FTC’s proposed budget holds funding at $425.7 million, the same as last fiscal...

Proofpoint has entered into an agreement to acquire Hornetsecurity Group, a Germany-based provider of Microsoft 365 security services, in a deal reportedly valued at more than $1 billion. The acquisition, described as the largest in Proofpoint’s history, comes amid accelerating consolidation in the cybersecurity industry as companies seek to broaden their offerings to enterprise customers of all sizes. While Proofpoint...

The FBI said Thursday that malicious actors have been impersonating senior U.S. government officials in a text and voice messaging campaign, using phishing texts and AI-generated audio to trick other government officials into giving up access to their personal accounts. The warning provided few details about the campaign, which started in April and appears to be ongoing. The messages have...

Coinbase insider breach: Bribed overseas agents stole user data; company rejects ransom, offers $20M reward, boosts security, and…  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

Hundreds of victims are surfacing across the world from zero-day cyberattacks on Europe’s biggest software manufacturer and company, in a campaign that one leading cyber expert is comparing to the vast Chinese government-linked Salt Typhoon and Volt Typhoon breaches of critical infrastructure. The zero-days — vulnerabilities previously unknown to researchers or companies, but that malicious hackers have discovered — got...

Austrian privacy non-profit noyb (none of your business) has sent Meta’s Irish headquarters a cease-and-desist letter, threatening the company with a class action lawsuit if it proceeds with its plans to train users’ data for training its artificial intelligence (AI) models without an explicit opt-in. The move comes weeks after the social media behemoth announced its plans to train its...

A new wave of attacks uses PowerShell and LNK files to secretly install Remcos RAT, enabling full remote…  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

Reddit Struggles After Google’s New Focus on Expertise  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

Over the past few years, cybersecurity experts have increasingly said that nation-state operatives and cybercriminals often blur the boundaries between geopolitical and financial motivations. A new report released Wednesday shows how North Korea has flipped that idea on its head.  North Korea has silently forged a global cyber operation that experts now liken to a mafia syndicate, with tactics and...

FrigidStealer malware targets macOS users via fake browser updates, stealing passwords, crypto wallets, and notes using DNS-based data…  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

Cryptocurrency exchange Coinbase has disclosed that unknown cyber actors broke into its systems and stole account data for a small subset of its customers. “Criminals targeted our customer support agents overseas,” the company said in a statement. “They used cash offers to convince a small group of insiders to copy data in our customer support tools for less than 1%...

Credential protection is key to preventing breaches. Secure APIs, rotate secrets and train devs to handle credentials safely…  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

Cybercriminals aren’t so different from the rest of us — they live in the real world, and their spending and investment habits, though funded through crime, can look surprisingly ordinary. Luxury cars and lavish vacations may still grab headlines, but those perks are reserved for the most elite cybercriminals. In reality, everyday businesses — like pizza delivery, construction supplies, or tattoo...