A Dallas, Texas-based clinical research firm had its database exposed, containing sensitive personal healthcare records of over 1.6…  – Read More  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News 

Freelance software developers are the target of an ongoing campaign that leverages job interview-themed lures to deliver cross-platform malware families known as BeaverTail and InvisibleFerret. The activity, linked to North Korea, has been codenamed DeceptiveDevelopment, which overlaps with clusters tracked under the names Contagious Interview (aka CL-STA-0240), DEV#POPPER, Famous Chollima,  – Read More  – The Hacker News 

FBI and CISA warn of Ghost ransomware, a China-based cyber threat targeting businesses, schools, and healthcare worldwide by exploiting software vulnerabilities.  – Read More  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News 

A malware campaign distributing the XLoader malware has been observed using the DLL side-loading technique by making use of a legitimate application associated with the Eclipse Foundation. “The legitimate application used in the attack, jarsigner, is a file created during the installation of the IDE package distributed by the Eclipse Foundation,” the AhnLab SEcurity Intelligence Center (ASEC)  – Read More ...

A previously unknown threat activity cluster targeted European organizations, particularly those in the healthcare sector, to deploy PlugX and its successor, ShadowPad, with the intrusions ultimately leading to deployment of a ransomware called NailaoLocker in some cases. The campaign, codenamed Green Nailao by Orange Cyberdefense CERT, involved the exploitation of a new-patched security flaw  – Read More  – The Hacker...

The payment card industry has set a critical deadline for businesses handling cardholder data or processing payments- by March 31, 2025, DMARC implementation will be mandatory! This requirement highlights the importance of preventative measures against email fraud, domain spoofing, and phishing in the financial space. This is not an optional requirement as non-compliance may result in monetary  – Read More ...

For decades, Microsoft Exchange has been the backbone of business communications, powering emailing, scheduling and collaboration for organizations worldwide. Whether deployed on-premises or in hybrid environments, companies of all sizes rely on Exchange for seamless internal and external communication, often integrating it deeply with their workflows, compliance policies and security frameworks  – Read More  – The Hacker News 

Citrix has released security updates for a high-severity security flaw impacting NetScaler Console (formerly NetScaler ADM) and NetScaler Agent that could lead to privilege escalation under certain conditions. The vulnerability, tracked as CVE-2024-12284, has been given a CVSS v4 score of 8.8 out of a maximum of 10.0 It has been described as a case of improper privilege management that...

Microsoft has released security updates to address two Critical-rated flaws impacting Bing and Power Pages, including one that has come under active exploitation in the wild. The vulnerabilities are listed below – CVE-2025-21355 (CVSS score: 8.6) – Microsoft Bing Remote Code Execution Vulnerability CVE-2025-24989 (CVSS score: 8.2) – Microsoft Power Pages Elevation of Privilege Vulnerability ”  – Read More  –...

Russian state threat groups have compromised Signal accounts used by Ukrainian military and government personnel to eavesdrop on real-time communications, Google Threat Intelligence Group said in a report released Wednesday. “This is a persistent, ongoing campaign being carried out by multiple different Russia-aligned threat actors,” Dan Black, principal analyst at Google Threat Intelligence Group, said in an email to CyberScoop....

Federal agencies need help from stakeholders outside of government to solve some of the harder technical barriers in setting up zero-trust architecture in their networks, the Department of Energy’s chief information security officer said Wednesday. Speaking at CyberScoop’s Zero Trust Summit in Washington D.C., Paul Selby urged technology manufacturers and experts to work with federal agencies to develop technologies and...

One of the most notable elements of the monumental hack of major telecommunications companies is just how “indiscriminate” it was in its pursuit of data, a top FBI official said Wednesday. The FBI has been investigating the breach, which it has blamed on Chinese government hackers commonly known as Salt Typhoon. “What we found particularly remarkable in our investigation is...

Multiple Russia-aligned threat actors have been observed targeting individuals of interest via the privacy-focused messaging app Signal to gain unauthorized access to their accounts. “The most novel and widely used technique underpinning Russian-aligned attempts to compromise Signal accounts is the abuse of the app’s legitimate ‘linked devices’ feature that enables Signal to be used on multiple  – Read More  –...

Is your Signal, WhatsApp, or Telegram account safe? Google warns of increasing attacks by Russian state-backed groups. Learn…  – Read More  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News 

Cary, North Carolina, 19th February 2025, CyberNewsWire  – Read More  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News 

The education sector is changing quickly as it adopts digital tools for better learning experiences. These days, learning…  – Read More  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News