Recruitment and retention remain a significant challenge for security teams, amid growing pressures on cyber professionals
Author: Joe-W
If you can’t see your entire operational technology environment, you can’t defend it. New guidance from the NCSC will help you gain that visibility. – NCSC Feed
Cybersecurity researchers have discovered what has been described as the first-ever instance of a Model Context Protocol (MCP) server spotted in the wild, raising software supply chain risks. According to Koi Security, a legitimate-looking developer managed to slip in rogue code within an npm package called “postmark-mcp” that copied an official Postmark Labs library of … Read More “First Malicious MCP Server Found Stealing Emails in Rogue Postmark-MCP Package – The Hacker News” »
Microsoft is calling attention to a new phishing campaign primarily aimed at U.S.-based organizations that has likely utilized code generated using large language models (LLMs) to obfuscate payloads and evade security defenses. “Appearing to be aided by a large language model (LLM), the activity obfuscated its behavior within an SVG file, leveraging business terminology and … Read More “Microsoft Flags AI-Driven Phishing: LLM-Crafted SVG Files Outsmart Email Security – The Hacker News” »
Akira ransomware attacks on SonicWall SSL VPN appliances are bypassing its MFA for rapid deployment
Department store Harrods has notified e-commerce customers of a major data breach
ThreatBook Launches Best-of-Breed Advanced Threat Intelligence Solution – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Singapore, Singapore, 29th September 2025, CyberNewsWire
India digital transformation of the financial ecosystem, the Reserve Bank of India (RBI) has announced its Cybersecurity Mandates 2025,… The post RBI’s Cybersecurity Mandates 2025: Securing India’s Digital Banks appeared first on JISA Softech Pvt Ltd.
Medusa Ransomware Claims Comcast Data Breach, Demands $1.2M – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Medusa ransomware group claims 834 GB data theft from Comcast, demanding $1.2M ransom while sharing screenshots and file listings.
On September 25, the Cyber Threat Alert Level was evaluated and is remaining at Blue (Guarded) due to vulnerabilities in Google, WatchGuard, GoAnywhere, and SolarWinds products. On September 18, the MS-ISAC released an advisory for multiple vulnerabilities in Google Chrome, the most severe of which could allow for arbitrary code execution. On September 19, the … Read More “Threat Level – GUARDED – Cyber Threat Alert” »
WhatsApp Scams: The Latest Way Criminals Attack – Da Vinci Cybersecurity: Leading Cyber Security Services in South Africa.
WhatsApp has become one of the most popular applications, with over 2 billion individuals using it for communication with friends and family. Unfortunately, this makes WhatsApp an easy way for cyber criminals to target unsuspecting individuals. Since the app is used for friendly methods, many assume that contact via WhatsApp can be trusted. It can’t …
China-Linked PlugX and Bookworm Malware Attacks Target Asian Telecom and ASEAN Networks – The Hacker News
Telecommunications and manufacturing sectors in Central and South Asian countries have emerged as the target of an ongoing campaign distributing a new variant of a known malware called PlugX (aka Korplug or SOGU). “The new variant’s features overlap with both the RainyDay and Turian backdoors, including abuse of the same legitimate applications for DLL side-loading, …
Hackers Use Fake Invoices to Spread XWorm RAT via Office Files – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Hackers are sending fake invoice emails with malicious Office files that install the XWorm RAT on Windows systems, allowing full remote access and data theft. Learn how the shellcode and process injection are used to steal data, and how to stay safe from this persistent threat.
The United Nations is making a push to more directly influence global policy on artificial intelligence, including the promotion of policymaking and technical standards around “safe, secure and trustworthy” AI. Last month, the world body finalized plans to create a new expert panel focused on developing scientific, technical and policy standards for the emerging technology. … Read More “UN seeks to build consensus on ‘safe, secure and trustworthy’ AI – CyberScoop” »
Google Ads Used to Spread Trojan Disguised as TradingView Premium – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Bitdefender warns that the TradingView Premium ad scam now targets Google ads and YouTube, hijacking verified channels to spread spyware.
A new campaign has been observed impersonating Ukrainian government agencies in phishing attacks to deliver CountLoader, which is then used to drop Amatera Stealer and PureMiner. “The phishing emails contain malicious Scalable Vector Graphics (SVG) files designed to trick recipients into opening harmful attachments,” Fortinet FortiGuard Labs researcher Yurren Wan said in a report shared … Read More “Researchers Expose SVG and PureRAT Phishing Threats Targeting Ukraine and Vietnam – The Hacker News” »
Fake Ukraine Police Notices Spread New Amatera Stealer and PureMiner – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
FortiGuard Labs exposes a high-severity phishing campaign impersonating the National Police of Ukraine to deliver Amatera Stealer (data theft) and PureMiner (cryptojacking) to Windows PCs.
Threat intelligence professionals have a sense of foreboding about a maximum-severity vulnerability Fortra disclosed last week in its file-transfer service GoAnywhere MFT, as they steel themselves for active exploitation and signs of compromise. Fortra has not declared the defect actively exploited and did not answer questions to that effect from CyberScoop. Yet, researchers at watchTowr … Read More “Worries mount over max-severity GoAnywhere defect – CyberScoop” »
The Singapore police said Facebook is the top platform for online scams in the country
New COLDRIVER Malware Campaign Joins BO Team and Bearlyfy in Russia-Focused Cyberattacks – The Hacker News
The Russian advanced persistent threat (APT) group known as COLDRIVER has been attributed to a fresh round of ClickFix-style attacks designed to deliver two new “lightweight” malware families tracked as BAITSWITCH and SIMPLEFIX. Zscaler ThreatLabz, which detected the new multi-stage ClickFix campaign earlier this month, described BAITSWITCH as a downloader that ultimately drops SIMPLEFIX, a …
Archer Health Data Leak Exposes 23GB of Medical Records – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
California-based Archer Health exposed 23GB of patient records, including SSNs, IDs, and medical files, after an unprotected database was found online.
Car makers don’t trust blueprints. They smash prototypes into walls. Again and again. In controlled conditions. Because design specs don’t prove survival. Crash tests do. They separate theory from reality. Cybersecurity is no different. Dashboards overflow with “critical” exposure alerts. Compliance reports tick every box. But none of that proves what matters most to a … Read More “Crash Tests for Security: Why BAS Is Proof of Defense, Not Assumptions – The Hacker News” »
An attack campaign has been identified which exploits vulnerabilities in Cisco Adaptive Security Appliance software
The effort, named Operation Contender 3.0, led to the arrest of 260 suspected cybercriminals
Cybersecurity researchers have discovered an updated version of a known Apple macOS malware called XCSSET that has been observed in limited attacks. “This new variant of XCSSET brings key changes related to browser targeting, clipboard hijacking, and persistence mechanisms,” the Microsoft Threat Intelligence team said in a Thursday report. “It employs sophisticated encryption and obfuscation … Read More “New macOS XCSSET Variant Targets Firefox with Clipper and Persistence Module – The Hacker News” »
Cybersecurity company watchTowr Labs has disclosed that it has “credible evidence” of active exploitation of the recently disclosed security flaw in Fortra GoAnywhere Managed File Transfer (MFT) software as early as September 10, 2025, a whole week before it was publicly disclosed. “This is not ‘just’ a CVSS 10.0 flaw in a solution long favored … Read More “Fortra GoAnywhere CVSS 10 Flaw Exploited as 0-Day a Week Before Public Disclosure – The Hacker News” »
JLR said it is in a position to start clearing its backlog of payments for suppliers, while its parts logistics center is returning to full operations
Trend Micro highlighted the new LockBit version’s technical improvements and cross-platform functionality compared to previous iterations
The financial ecosystem in the world is on the edge of new unprecedented changes. We all enter a new… The post Charting a new decade of shared progress in global finance appeared first on JISA Softech Pvt Ltd.
The U.K. National Cyber Security Centre (NCSC) has revealed that threat actors have exploited the recently disclosed security flaws impacting Cisco firewalls as part of zero-day attacks to deliver previously undocumented malware families like RayInitiator and LINE VIPER. “The RayInitiator and LINE VIPER malware represent a significant evolution on that used in the previous campaign, … Read More “Cisco ASA Firewall Zero-Day Exploits Deploy RayInitiator and LINE VIPER Malware – The Hacker News” »
The Cybersecurity and Infrastructure Security Agency acknowledged it’s yet to get a complete handle on the scope and impact of attacks involving Cisco zero-day vulnerabilities that prompted it to release an emergency directive Thursday. The attack timeline dates back almost a year, according to an investigation Cisco and federal authorities did behind the scenes to … Read More “CISA says it observed nearly year-old activity tied to Cisco zero-day attacks – CyberScoop” »
SEC Consult SA-20250925-0 :: Multiple Vulnerabilities in iMonitorSoft EAM employee monitoring #CVE-2025-10540 #CVE-2025-10541 #CVE-2025-10542 – Full Disclosure
Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Sep 25 SEC Consult Vulnerability Lab Security Advisory < 20250925-0 > ======================================================================= title: Multiple Vulnerabilities product: iMonitorSoft EAM vulnerable version: iMonitor EAM 9.6394 fixed version: – CVE number: CVE-2025-10540, CVE-2025-10541, CVE-2025-10542 impact: Critical homepage:…
Posted by Antoine Martin via Fulldisclosure on Sep 25 1) About Xpra Xpra is known as “screen for X11”. https://xpra.org/ “Xpra forwards and synchronizes many extra desktop features, which allows remote applications to integrate transparently into the client’s desktop environment: audio input and output, printers, clipboard, system trays, notifications, webcams, etc.” 2) Vulnerability Using … Read More “xpra server information disclosure – Full Disclosure” »
CyberDanube Security Research 20250909-0 | Cross-Site Scripting in Schneider ATV 630 – Full Disclosure
Posted by Thomas Weber | CyberDanube via Fulldisclosure on Sep 25 CyberDanube Security Research 20250909-0 ——————————————————————————- title| Reflected XSS product| ATV 630 vulnerable version| “see Vulnerable versions” fixed version| none CVE number| CVE-2025-7746 impact| Medium homepage| https://www.se.com/ found| 2025-03-11 by| T….
CyberDanube Security Research 20250919-0 | Multiple Vulnerabilities in Novakon P series – Full Disclosure
Posted by Thomas Weber | CyberDanube via Fulldisclosure on Sep 25 CyberDanube Security Research 20250919-0 ——————————————————————————- title| Multiple Vulnerabilities in Novakon HMI Series product| Novakon Touch Screen HMI P Series vulnerable version| P – V2001.A.c518o2 fixed version| – CVE number| CVE-2025-9962, CVE-2025-9963, CVE-2025-9964, | CVE-2025-9965, CVE-2025-9966…
SEC Consult SA-20250923-0 :: Missing Certificate Validation leading to RCE in CleverControl employee monitoring software #CVE-2025-10548 – Full Disclosure
Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Sep 25 SEC Consult Vulnerability Lab Security Advisory < 20250923-0 > ======================================================================= title: Missing Certificate Validation leading to RCE product: CleverControl employee monitoring software vulnerable version: 11.5.1041.6 fixed version: – CVE number: CVE-2025-10548 impact: high homepage: https://clevercontrol.com…
A vulnerability has been discovered in Nx (build system) Package, which could allow for sensitive data exfiltration. Nx is a smart, fast, and extensible build system designed for managing monorepos efficiently by providing features like dependency graph analysis, computation caching, distributed task execution, and codebase upgrades. Successful exploitation of this vulnerability could allow an attacker … Read More “A Vulnerability in Nx (build system) Package Could Allow for Sensitive Data Exfiltration – Cyber Security Advisories – MS-ISAC” »
Federal cyber authorities sounded a rare alarm Thursday, issuing an emergency directive about an ongoing and widespread attack spree involving actively exploited zero-day vulnerabilities affecting Cisco firewalls. Cisco said it began investigating attacks on multiple government agencies linked to the state-sponsored campaign in May. The vendor, which attributes the attacks to the same threat group … Read More “CISA alerts federal agencies of widespread attacks using Cisco zero-days – CyberScoop” »
Living Security Unveils HRMCon 2025 Speakers as Report Finds Firms Detect Just 19% of Human Risk – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Austin / TX, United States, 25th September 2025, CyberNewsWire
Hackers reportedly steal details of 8,000 children from Kido nursery chain – Data and computer security | The Guardian
Firm, which has 18 sites around London and more in US, India and China, has received ransom demand, say reports The names, pictures and addresses of about 8,000 children have reportedly been stolen from the Kido nursery chain by a gang of cybercriminals. The criminals have demanded a ransom from the company – which has …
Vane Viper Generates 1 Trillion DNS Queries to Power Global Malware and Ad Fraud Network – The Hacker News
The threat actor known as Vane Viper has been outed as a purveyor of malicious ad technology (adtech), while relying on a tangled web of shell companies and opaque ownership structures to deliberately evade responsibility. “Vane Viper has provided core infrastructure in widespread malvertising, ad fraud, and cyberthreat proliferation for at least a decade,” Infoblox …
Urgent: Cisco ASA Zero-Day Duo Under Attack; CISA Triggers Emergency Mitigation Directive – The Hacker News
Cisco is urging customers to patch two security flaws impacting the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software, which it said have been exploited in the wild. The zero-day vulnerabilities in question are listed below – CVE-2025-20333 (CVSS score: 9.9) – An …
Keir Starmer expected to announce plans for digital ID cards – Data and computer security | The Guardian
As government looks for ways to tackle illegal immigration, move will spark battle with civil liberties campaigners All working adults will need digital ID cards under plans to be announced by Keir Starmer in a move that will spark a battle with civil liberties campaigners. The prime minister will set out the plans on Friday …
Digital ID cards: a versatile and useful tool, or a worrying cybersecurity risk? – Data and computer security | The Guardian
As Keir Starmer appears poised to introduce such a scheme, we look at the arguments for and against it It is 21 years since Tony Blair’s government made proposals for an ID card system to tackle illegal working and immigration, and to make it more convenient for the public to access services. The same issues …
Dem report concludes Department of Government Efficiency violates cybersecurity, privacy rules – CyberScoop
Department of Government Efficiency practices at three federal agencies “violate statutory requirements, creating unprecedented privacy and cybersecurity risks,” according to a report that Senate Homeland Security and Governmental Affairs Committee Democrats published Thursday. The report — drawn from a mix of media reports, legal filings, whistleblower disclosures to the committee and staff visits to the …
Vietnamese Hackers Use Fake Copyright Notices to Spread Lone None Stealer – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
New Lone None Stealer uses Telegram C2 and DLL side-loading to grab passwords, credit cards, and crypto. Find out how to spot this highly evasive phishing scam.
ForcedLeak Flaw in Salesforce Agentforce AI Agent Exposed CRM Data – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Cybersecurity firm Noma Security reveals ForcedLeak, a critical flaw in Salesforce Agentforce that allowed data theft. Learn what companies need to do now to secure AI agents.
Critical flaw ForcedLeak in Salesforce’s AgentForce allows CRM data theft via prompt injection
Cisco Systems has issued security updates to address a critical vulnerability in its widely deployed IOS and IOS XE network operating systems, after confirming the flaw is being exploited in active attacks. Designated CVE-2025-20352, the vulnerability resides in the Simple Network Management Protocol (SNMP) subsystem of Cisco’s core network software. According to Cisco, the weakness … Read More “Cisco uncovers new SNMP vulnerability used in attacks on IOS devices – CyberScoop” »
The security researchers who discovered the malicious npm package called it the “first malicious MCP in the wild”