Ivanti customers are confronting another string of attacks linked to an actively exploited vulnerability in the company’s VPN products. Mandiant said a nation-state backed espionage group linked to China has been exploiting the critical vulnerability, CVE-2025-22457, since mid-March. The threat group, which Google Threat Intelligence Group tracks as UNC5221, has a knack for exploiting Ivanti products and has successfully —...
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: RTU500 series Vulnerabilities: Null Pointer Dereference, Insufficient Resource Pool, Missing Synchronization 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to cause a denial-of-service condition. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Hitachi Energy products are affected: RTU500 series...
A Vulnerability has been discovered in Ivanti Connect Secure, Policy Secure, and ZTA Gateways which could allow for remote code execution. Ivanti Connect Secure (formerly Pulse Connect Secure) is a widely deployed SSL VPN solution that provides secure and controlled access to corporate data and applications for remote and mobile users, offering features like single sign-on, multi-factor authentication, and...
Multiple vulnerabilities have been discovered in Mozilla products, the most severe of which could allow for arbitrary code execution. Mozilla Firefox is a web browser used to access the Internet. Mozilla Firefox ESR is a version of the web browser intended to be deployed in large organizations. Mozilla Thunderbird is an email client. Successful exploitation of the most...
This article has been updated with a statement from a Twilio spokesperson in response to Hackread.com’s request. – Read More – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
International intelligence and cybersecurity agencies jointly issued a warning Thursday about “fast flux,” an advanced technique used by cybercriminals and state-sponsored actors to evade detection and maintain resilient command and control infrastructure. Fast flux involves rapidly changing or swapping out IP addresses linked to a particular domain. These quick changes render malicious activity nearly invisible to defensive measures. When fast...
International intelligence and cybersecurity agencies jointly issued a warning Thursday about “fast flux,” an advanced technique used by cybercriminals and state-sponsored actors to evade detection and maintain resilient command and control infrastructure. Fast flux involves rapidly changing or swapping out IP addresses linked to a particular domain. These quick changes render malicious activity nearly invisible to defensive measures. When fast...
Microsoft is warning of several phishing campaigns that are leveraging tax-related themes to deploy malware and steal credentials. “These campaigns notably use redirection methods such as URL shorteners and QR codes contained in malicious attachments and abuse legitimate services like file-hosting services and business profile pages to avoid detection,” Microsoft said in a report shared with The – Read More ...
Cybersecurity researchers at Jscamblers have uncovered a sophisticated web-skimming campaign targeting online retailers. The campaign utilizes a legacy… – Read More – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: B&R Equipment: APROL Vulnerabilities: Inclusion of Functionality from Untrusted Control Sphere, Incomplete Filtering of Special Elements, Improper Control of Generation of Code (‘Code Injection’), Improper Handling of Insufficient Permissions or Privileges , Allocation of Resources Without Limits or Throttling, Missing Authentication for Critical Function, Exposure of...
CISA released five Industrial Control Systems (ICS) advisories on April 3, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-093-01 Hitachi Energy RTU500 Series ICSA-25-093-02 Hitachi Energy TRMTracker ICSA-25-093-03 ABB ACS880 Drives Containing CODESYS RTS ICSA-25-093-04 ABB Low Voltage DC Drives and Power Controllers CODESYS RTS ICSA-25-093-05 B&R APROL CISA encourages users and...
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: ABB Equipment: DCT880 memory unit incl. ABB Drive Application Builder license (IEC 61131-3), DCT880 memory unit incl. Power Optimizer, DCS880 memory unit incl. ABB Drive Application Builder license (IEC 61131-3), DCS880 memory unit incl. DEMag, DCS880 memory unit incl. DCC Vulnerabilities: Improper Input Validation, Out-of-bounds Write,...
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: TRMTracker Vulnerabilities: Improper Neutralization of Special Elements used in an LDAP Query (‘LDAP Injection’), Improper Neutralization of Special Elements in Output Used by a Downstream Component (‘Injection’), Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) 2. RISK EVALUATION Successful exploitation of...
An international law enforcement operation has shut down Kidflix, a platform for child sexual exploitation with 1.8m registered users – Read More –
HellCat – the ransomware gang that has been known to demand payment… in baguettes! Are they rolling in the dough? Bread it and weep in my article on the Tripwire State of Security blog. – Read More – Graham Cluley
A critical authentication bypass flaw in CrushFTP is under active exploitation following a mishandled disclosure process – Read More –
The first-of-its-kind solution integrates with company codebases, enabling AI agents to work in-context and generate production-grade, front-end code in minutes. – Read More – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
Jacksonville, United States, 3rd April 2025, CyberNewsWire – Read More – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
Artificial Intelligence (AI) is reshaping the cybersecurity landscape, enabling organizations to detect threats faster, automate responses, and enhance overall… The post AI Governance in Cybersecurity: Balancing Innovation and Risk appeared first on JISA Softech Pvt Ltd. – Read More – JISA Softech Pvt Ltd
The North Korean threat actors behind Contagious Interview have adopted the increasingly popular ClickFix social engineering tactic to lure job seekers in the cryptocurrency sector to deliver a previously undocumented Go-based backdoor called GolangGhost on Windows and macOS systems. The new activity, assessed to be a continuation of the campaign, has been codenamed ClickFake Interview by – Read More –...
The cybercriminal uses the service of Proton66, an infamous Russian-based bulletproof hosting provider, to deploy malware – Read More –
Cybersecurity researcher Jeremiah Fowler uncovers a massive 47.8GB database with disturbing AI-generated content belonging to GenNomis. – Read More – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
The rules have changed. Again. Artificial intelligence is bringing powerful new tools to businesses. But it’s also giving cybercriminals smarter ways to attack. They’re moving quicker, targeting more precisely, and slipping past old defenses without being noticed. And here’s the harsh truth: If your security strategy hasn’t evolved with AI in mind, you’re already behind. But you’re not alone—and –...
Today, CISA—in partnership with the National Security Agency (NSA), Federal Bureau of Investigation (FBI), Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), Canadian Centre for Cyber Security (CCCS), and New Zealand’s National Cyber Security Centre (NCSC-NZ)—released joint Cybersecurity Advisory Fast Flux: A National Security Threat (PDF, 841 KB). This advisory warns organizations, internet service providers (ISPs), and cybersecurity service...
AI holds the promise to revolutionize all sectors of enterpriseーfrom fraud detection and content personalization to customer service and security operations. Yet, despite its potential, implementation often stalls behind a wall of security, legal, and compliance hurdles. Imagine this all-too-familiar scenario: A CISO wants to deploy an AI-driven SOC to handle the overwhelming volume of security – Read More –...
Executive summary Many networks have a gap in their defenses for detecting and blocking a malicious technique known as “fast flux.” This technique poses a significant threat to national security, enabling malicious cyber actors to consistently evade detection. Malicious cyber actors, including cybercriminals and nation-state actors, use fast flux to obfuscate the locations of malicious servers by rapidly changing Domain...
Highline Public Schools revealed that sensitive personal, financial and medical data was accessed by ransomware attackers during the September 2024 incident – Read More –
Semperis claims 62% of water and electricity providers were hit by cyber-attacks in the past year – Read More –
BforeAI researchers discover 596 suspicious Bybit-themed domains designed to defraud visitors – Read More –
Cybersecurity researchers have disclosed details of a new vulnerability impacting Google’s Quick Share data transfer utility for Windows that could be exploited to achieve a denial-of-service (DoS) or send arbitrary files to a target’s device without their approval. The flaw, tracked as CVE-2024-10668 (CVSS score: 5.9), is a bypass for two of the 10 shortcomings that were originally disclosed by ...
Why it’s essential to secure your APIs to build trust with your customers and partners. – Read More – NCSC Feed
Counterfeit versions of popular smartphone models that are sold at reduced prices have been found to be preloaded with a modified version of an Android malware called Triada. “More than 2,600 users in different countries have encountered the new version of Triada, the majority in Russia,” Kaspersky said in a report. The infections were recorded between March 13 and 27,...
In one of the largest coordinated law enforcement operations, authorities have dismantled Kidflix, a streaming platform that offered child sexual abuse material (CSAM). “A total of 1.8 million users worldwide logged on to the platform between April 2022 and March 2025,” Europol said in a statement. “On March 11, 2025, the server, which contained around 72,000 videos at the time,...
Threat hunters are warning of a sophisticated web skimmer campaign that leverages a legacy application programming interface (API) from payment processor Stripe to validate stolen payment information prior to exfiltration. “This tactic ensures that only valid card data is sent to the attackers, making the operation more efficient and potentially harder to detect,” Jscrambler researchers Pedro – Read More –...
Multiple vulnerabilities have been discovered in IBM AIX, the most severe of which could allow for arbitrary code execution. IBM AIX is a secure and reliable Unix operating system designed for IBM’s Power Systems. It supports modern applications and provides strong security features, making it ideal for mission-critical business environments. Successful exploitation of these vulnerabilities could allow for arbitrary code execution...
The Growing Threat of Digital Identity Theft Identity theft is a continuous online threat that lurks behind every… – Read More – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
Accidentally deleted some photos from your iPhone? You’re definitely not alone; most iPhone users have done it at… – Read More – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
Renowned cybersecurity expert Troy Hunt falls victim to a phishing attack, resulting in the exposure of thousands of subscriber details, and don’t lose your life savings in a whisky scam… All this and more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Plus! Don’t miss our featured interview with...
Leaders of a key House subcommittee criticized the Trump administration’s personnel cuts at the Cybersecurity and Infrastructure Security Agency on Wednesday, with its chairman saying he wants CISA to take on more responsibilities, not less — some of which figure into his legislative priorities. Rep. Andrew Garbarino, the New York Republican who chairs the House Homeland Security Subcommittee on Cybersecurity...
A top Cyber Command official said the agency has been able to use generative AI tools to dramatically cut down the time spent analyzing network traffic for malicious activity. Executive Director Morgan Adamski said Wednesday that as Cybercom has worked to build AI capabilities across different missions, the agency is already seeing a return on investment for certain cybersecurity functions....
Post Content – Read More – IC3.gov News
Dark web child abuse hub ‘Kidflix’ dismantled in global operation. 1.8M users, 91,000+ CSAM videos exposed. 79 arrests, 39 children rescued. – Read More – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
Hacker leaks 144GB of sensitive Royal Mail Group data, including customer info and internal files, claiming access came via supplier Spectos. Investigation underway! – Read More – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
A novel skimming attack has been observed by Jscramber, using the Stripe API to steal payment information by injecting malicious scripts into pages – Read More –
A cyber threat actor has claimed to have leaked 144GB of data from Royal Mail users – Read More –
China-linked APT group FamousSparrow hits targets in the Americas using upgraded SparrowDoor malware in new cyberespionage campaign, ESET reports. – Read More – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
Gray bots surge as generative AI scraper activity increases, impacting web applications with millions of requests daily – Read More –
Delaware, USA, 2nd April 2025, CyberNewsWire – Read More – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
A critical vulnerability (CVE-2025-1268) in Canon printer drivers allows remote code execution. See which drivers are affected, how to patch them. – Read More – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
Cybersecurity researchers have disclosed details of a now-patched privilege escalation vulnerability in Google Cloud Platform (GCP) Cloud Run that could have allowed a malicious actor to access container images and even inject malicious code. “The vulnerability could have allowed such an identity to abuse its Google Cloud Run revision edit permissions in order to pull private Google Artifact – Read...
