AttackFeed by Joe Wagner

ShinyHunters claims it breached European Commission systems, leaking 350GB of data. Officials are investigating, with no independent verification yet.  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI and More 

Threat actors with ties to Iran successfully broke into the personal email account of Kash Patel, the director of the U.S. Federal Bureau of Investigation (FBI), and leaked a cache of photos and other documents to the internet. Handala Hack Team, which carried out the breach, said on its website that Patel “will now find … Read More “Iran-Linked Hackers Breach FBI Director’s Personal Email, Hit Stryker With Wiper Attack  – The Hacker News” »

Lloyds Banking Group to compensate 450,000 customers after app glitch exposed data. Find out how the glitch affected…  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI and More 

A recently disclosed critical security flaw impacting Citrix NetScaler ADC and NetScaler Gateway is witnessing active reconnaissance activity, according to Defused Cyber and watchTowr. The vulnerability, CVE-2026-3055 (CVSS score: 9.3), refers to a case of insufficient input validation leading to memory overread, which an attacker could exploit to leak potentially sensitive information. Per  – Read … Read More “Citrix NetScaler Under Active Recon for CVE-2026-3055 (CVSS 9.3) Memory Overread Bug  – The Hacker News” »

Proofpoint has disclosed details of a targeted email campaign in which threat actors with ties to Russia are leveraging the recently disclosed DarkSword exploit kit to target iOS devices. The activity has been attributed with high confidence to the Russian state-sponsored threat group known as TA446, which is also tracked by the broader cybersecurity community … Read More “TA446 Deploys Leaked DarkSword iOS Exploit Kit in Targeted Spear-Phishing Campaign  – The Hacker News” »

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a critical security flaw impacting F5 BIG-IP Access Policy Manager (APM) to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability in question is CVE-2025-53521 (CVSS v4 score: 9.3), which could allow a threat actor to achieve remote code execution. … Read More “CISA Adds CVE-2025-53521 to KEV After Active F5 BIG-IP APM Exploitation  – The Hacker News” »

Iran-linked Handala hackers breached FBI Chief Kash Patel’s Gmail, leaking photos and documents. Officials say no classified data was exposed.  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI and More 

ShinyHunters leaves BreachForums, leaks data of 300,000 users, warns all active domains are fake, and threatens more leaks from forum backups.  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI and More 

Apple is now sending Lock Screen notifications to iPhones and iPads running older versions of iOS and iPadOS to alert users of web-based attacks and urge them to install the update. The development was first reported by MacRumors. “Apple is aware of attacks targeting out-of-date iOS software, including the version on your iPhone. Install this … Read More “Apple Sends Lock Screen Alerts to Outdated iPhones Over Active Web-Based Exploits  – The Hacker News” »

Google fast-tracks post-quantum cryptography with a 2029 deadline as researchers warn quantum computers could break current encryption sooner than expected.  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI and More 

Iranian hackers claimed Friday to have compromised the personal data of FBI Director Kash Patel, and the bureau confirmed that it knew of the targeting of Patel’s personal email. The government-connected hacking group, Handala, previously claimed credit for hacking medical device maker Stryker, a boast that threat researchers considered credible. “All personal and confidential email … Read More “Iranian hackers, Handala, claim to compromise FBI Director Kash Patel’s personal data  – CyberScoop” »

Researchers at WatchGuard have identified a new phishing campaign targeting companies in Venezuela. Using malicious SVG image files…  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI and More 

TeamPCP, the threat actor behind the supply chain attack targeting Trivy, KICS, and litellm, has now compromised the telnyx Python package by pushing two malicious versions to steal sensitive data. The two versions, 4.87.1 and 4.87.2, published to the Python Package Index (PyPI) repository on March 27, 2026, concealed their credential harvesting capabilities within a … Read More “TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files  – The Hacker News” »

SAN FRANCISCO — Every RSA Conference has its buzzwords. Cloud. Ransomware. Zero trust. Plastered across the 87-acre Moscone Center complex on every booth, banner and bar. This year was AI, with vendors pitching AI-powered solutions to every security problem imaginable. But 2026 stood out for a different reason: Industry leaders spent the conference warning about … Read More “Security leaders say the next two years are going to be ‘insane’  – CyberScoop” »

Cybersecurity researchers have disclosed details of a now-patched bug impacting Open VSX’s pre-publish scanning pipeline to cause the tool to allow a malicious Microsoft Visual Studio Code (VS Code) extension to pass the vetting process and go live in the registry. “The pipeline had a single boolean return value that meant both ‘no scanners are … Read More “Open VSX Bug Let Malicious VS Code Extensions Bypass Pre-Publish Security Checks  – The Hacker News” »

Letter from group published by MPs blames 12 March glitch on software update to its mobile banking apps Lloyds Banking Group exposed the personal data of nearly 500,000 customers in an IT glitch that left people’s payments, account details and national insurance numbers visible to other users, a committee of MPs has revealed. A letter … Read More “Almost half a million Lloyds customers had personal data exposed in IT glitch  – Data and computer security | The Guardian” »

Threat actors are using adversary-in-the-middle (AitM) phishing pages to seize control of TikTok for Business accounts in a new campaign, according to a report from Push Security. Business accounts associated with social media platforms are a lucrative target, as they can be weaponized by bad actors for malvertising and distributing malware. “TikTok has been historically … Read More “AitM Phishing Targets TikTok Business Accounts Using Cloudflare Turnstile Evasion  – The Hacker News” »

Rising geopolitical tensions are reflected (or in some cases preceded) by cyber operations, while technology itself has become politicized. Let’s admit it: we are in the middle of it.  Introduction: One tech power to rule them all is a thing of the past  The relative safety, peace and prosperity that much of the world has … Read More “We Are At War  – The Hacker News” »

A pro-Ukrainian group called Bearlyfy has been attributed to more than 70 cyber attacks targeting Russian companies since it first surfaced in the threat landscape in January 2025, with recent attacks leveraging a custom Windows ransomware strain codenamed GenieLocker. “Bearlyfy (also known as Labubu) operates as a dual-purpose group aimed at inflicting maximum damage upon … Read More “Bearlyfy Hits 70+ Russian Firms with Custom GenieLocker Ransomware  – The Hacker News” »

Cybersecurity researchers have disclosed three security vulnerabilities impacting LangChain and LangGraph that, if successfully exploited, could expose filesystem data, environment secrets, and conversation history. Both LangChain and LangGraph are open-source frameworks that are used to build applications powered by Large Language Models (LLMs). LangGraph is built on the foundations of  – Read More  – The … Read More “LangChain, LangGraph Flaws Expose Files, Secrets, Databases in Widely Used AI Frameworks  – The Hacker News” »

ReversingLabs researchers identify a new Ghost campaign using fake npm install logs and progress bars to phish for sudo passwords and steal crypto wallets from developers.  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI and More 

A year-long effort to strengthen cybersecurity and modernize tech at U.S. intelligence agencies has led to policy standards for using AI to bolster cyber defenses, a shared repository of all apps that have undergone a cybersecurity review and more, the Office of the Director of National Intelligence announced Thursday. An unclassified summary of cyber and … Read More “ODNI tackles AI, threat hunting, app cybersecurity in year-one tech review  – CyberScoop” »

The Federal Communications Commission is moving to crack down on illegal robocalls and the use of foreign call centers. At a meeting Thursday, the three-member commission unanimously approved a new proposed regulation to increase certification and disclosure requirements for obtaining phone numbers, while also expanding those same requirements to all providers seeking phone numbers from … Read More “FCC pushes new rules to crack down on robocallers, foreign call centers  – CyberScoop” »

Enterprise AI security solutions in 2026, compare Check Point, Palo Alto, CrowdStrike, Fortinet, and Zscaler across cloud, endpoint, and network.  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI and More 

A long-term and ongoing campaign attributed to a China-nexus threat actor has embedded itself in telecom networks to conduct espionage against government networks. The strategic positioning activity, which involves implanting and maintaining stealthy access mechanisms within critical environments, has been attributed to Red Menshen, a threat cluster that’s also tracked as Earth Bluecrow,  – Read … Read More “China-Linked Red Menshen Uses Stealthy BPFDoor Implants to Spy via Telecom Networks  – The Hacker News” »

7AI research reveals a massive QR code phishing attack that evaded SPF, DKIM, and DMARC. Find out how 1.6 million emails went undetected.  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI and More 

SAN FRANCISCO — Four former National Security Agency directors shared varying concerns about a lack of earnest and widespread response to growing threats in cyberspace during a discussion at the RSAC 2026 Conference on Tuesday. Accelerating threats posed by artificial intelligence, China and cybercriminals at large are testing the country’s resolve and determination to foster … Read More “Former NSA chiefs worry American offensive edge in cybersecurity is slipping  – CyberScoop” »

Banks, governments and tech providers urged to upgrade security because current systems will soon be obsolete Banks, governments and technology providers need to be prepared for quantum computer hackers capable of breaking most existing encryption systems by 2029, Google has warned. The tech company said in a blogpost that quantum computers would pose a “significant … Read More “Google warns quantum computers could hack encrypted systems by 2029  – Data and computer security | The Guardian” »

This practitioner-focused review covers Acalvio ShadowPlex, a deception-first platform designed to stop attacker progress across IT, cloud, OT,…  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI and More 

CyberProof researchers have detected a 10% surge in PXA Stealer attacks targeting financial institutions in Q1 2026. Learn…  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI and More 

Some weeks in security feel loud. This one feels sneaky. Less big dramatic fireworks, more of that slow creeping sense that too many people are getting way too comfortable abusing things they probably shouldn’t even be touching. There’s a little bit of everything in this one, too. Weird delivery tricks, old problems coming back in … Read More “ThreatsDay Bulletin: PQC Push, AI Vuln Hunting, Pirated Traps, Phishing Kits & 20 More Stories  – The Hacker News” »

Sonatype uncovers a sophisticated malware campaign using hijacked npm developer accounts to steal API keys and passwords. Is your dev environment at risk?  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI and More