Author: djohnson

Throughout 2024, OpenAI teased the public release of Sora, its new video generation large language model, capable of creating lifelike visuals out of user prompts. But due to concerns about the tool being used to create realistic disinformation during a  critical U.S. election year, the company delayed its release until after the elections.  Now, a … Read More “Advocacy group calls on OpenAI to address Sora 2’s deepfake risks  – CyberScoop” »

Amazon’s threat intelligence team said it observed an advanced persistent threat group exploiting zero-day vulnerabilities affecting Cisco Identity Service Engine and Citrix NetScaler products before the vendors disclosed and patched the defects last summer. Amazon’s MadPot honeypot service detected active exploitation of the critical defects — CVE-2025-5777 in Citrix and CVE-2025-20337 in Cisco — and … Read More “Amazon pins Cisco, Citrix zero-day attacks to APT group  – CyberScoop” »

Old DarkComet RAT spyware is back, hiding inside fake Bitcoin wallets and trading apps to steal credentials via keylogging.  – Read More  – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More 

Google has filed a civil lawsuit in the U.S. District Court for the Southern District of New York (SDNY) against China-based hackers who are behind a massive Phishing-as-a-Service (PhaaS) platform called Lighthouse that has ensnared over 1 million users across 120 countries. The PhaaS kit is used to conduct large-scale SMS phishing attacks that exploit … Read More ” Google Sues China-Based Hackers Behind $1 Billion Lighthouse Phishing Platform  – The Hacker News” »

A 20-year-old Maryland man allegedly associated with violent extremist group 764 is in federal custody, facing charges for sexual exploitation of children, online coercement and enticement, and cyberstalking.  Erik Lee Madison, of Halethorpe, Maryland, is accused of victimizing at least five children this fall, including one as young as 13 at the time. His alleged … Read More “Maryland man faces federal charges for crimes allegedly linked to 764  – CyberScoop” »

North Korea-linked KONNI hackers used KakaoTalk and Google Find Hub to spy on victims and remotely wipe Android devices in a targeted phishing campaign.  – Read More  – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More 

Amazon’s threat intelligence team on Wednesday disclosed that it observed an advanced threat actor exploiting two then-zero-day security flaws in Cisco Identity Service Engine (ISE) and Citrix NetScaler ADC products as part of attacks designed to deliver custom malware. “This discovery highlights the trend of threat actors focusing on critical identity and network access control … Read More “Amazon Uncovers Attacks Exploited Cisco ISE and Citrix NetScaler as Zero-Day Flaws  – The Hacker News” »

Every day, security teams face the same problem—too many risks, too many alerts, and not enough time. You fix one issue, and three more show up. It feels like you’re always one step behind. But what if there was a smarter way to stay ahead—without adding more work or stress? Join The Hacker News and … Read More “[Webinar] Learn How Leading Security Teams Reduce Attack Surface Exposure with DASR  – The Hacker News” »

A Russian hacker accused of helping ransomware gangs break into businesses across the United States is set to plead guilty, according to recently filed federal court documents. 25-year-old Aleksey Olegovich Volkov worked as an “initial access broker”, a cybercriminal specialist who focuses on the earliest stage of an attack: gaining the first foothold inside a … Read More “Russian hacker admits helping Yanluowang ransomware infect companies  – Graham Cluley” »

Microsoft on Tuesday released patches for 63 new security vulnerabilities identified in its software, including one that has come under active exploitation in the wild. Of the 63 flaws, four are rated Critical and 59 are rated Important in severity. Twenty-nine of these vulnerabilities are related to privilege escalation, followed by 16 remote code execution, … Read More “Microsoft Fixes 63 Security Flaws, Including a Windows Kernel Zero-Day Under Active Attack  – The Hacker News” »

If you manage Facebook advertising for a small or medium-sized business, open your inbox with suspicion, because attackers…  – Read More  – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More 

Active Directory remains the authentication backbone for over 90% of Fortune 1000 companies. AD’s importance has grown as companies adopt hybrid and cloud infrastructure, but so has its complexity. Every application, user, and device traces back to AD for authentication and authorization, making it the ultimate target. For attackers, it represents the holy grail: compromise Active  … Read More “Active Directory Under Siege: Why Critical Infrastructure Needs Stronger Security  – The Hacker News” »

Google on Tuesday unveiled a new privacy-enhancing technology called Private AI Compute to process artificial intelligence (AI) queries in a secure platform in the cloud. The company said it has built Private AI Compute to “unlock the full speed and power of Gemini cloud models for AI experiences, while ensuring your personal data stays private … Read More “Google Launches ‘Private AI Compute’ — Secure AI Processing with On-Device-Level Privacy  – The Hacker News” »

In 2025, account takeover (ATO) attacks are a significant – and growing – cybersecurity threat, especially in the…  – Read More  – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More 

Cl0p ransomware lists NHS UK as a victim days after The Washington Post confirms a major Oracle E-Business breach linked to CVE-2025-61882.  – Read More  – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More 

Microsoft addressed 63 vulnerabilities affecting its underlying systems and core products, including one actively exploited zero-day, the company said in its latest monthly security update.  The zero-day vulnerability — CVE-2025-62215 — affects the Windows Kernel and has a CVSS rating of 7.0 due to a high attack complexity, according to Microsoft. Exploitation, which could allow … Read More “Microsoft Patch Tuesday addresses 63 defects, including one actively exploited zero-day  – CyberScoop” »

Amazon became the latest company to open its large language models to outside security researchers, announcing the creation of a new bug bounty program for the tech giant’s AI tools. The program will allow select third-party researchers and academic teams to prod NOVA, Amazon’s suite of foundational AI models and receive compensation for their findings. … Read More “Amazon rolls out AI bug bounty program   – CyberScoop” »

GlobalLogic, a digital engineering and product design company, said it was impacted by a widespread data theft and extortion campaign linked to a zero-day vulnerability in Oracle E-Business Suite. The company, which was acquired by Hitachi in 2021 and has a current customer base of nearly 600 clients, filed data breach notifications with authorities in … Read More “Hitachi subsidiary GlobalLogic impacted by Clop’s attack spree on Oracle customers  – CyberScoop” »

Threat hunters have uncovered similarities between a banking malware called Coyote and a newly disclosed malicious program dubbed Maverick that has been propagated via WhatsApp. According to a report from CyberProof, both malware strains are written in .NET, target Brazilian users and banks, and feature identical functionality to decrypt, targeting banking URLs and monitor banking … Read More “WhatsApp Malware ‘Maverick’ Hijacks Browser Sessions to Target Brazil’s Biggest Banks  – The Hacker News” »

I’ve made it through Pwn2Own Ireland, and while many are celebrated those who served their country in the armed services, patch Tuesday stops for no one. So affix your poppy accordingly, and let’s take a look at the latest security offerings from Adobe and Microsoft. If you’d rather watch the full video recap covering the … Read More “The November 2025 Security Update Review  – Zero Day Initiative – Blog” »

In episode 76 of The AI Fix, two US federal judges blame AI for imaginary case law, a Chinese “humanoid” dramatically sheds its skin onstage, Toyota unveils a crabby walking chair creeps us out, Google plans AI chips in orbit, robot dogs get jobs at Sellafield, and AI writes cruise-ship gags from the 1950s (but … Read More “The AI Fix #76: AI self-awareness, and the death of comedy  – Graham Cluley” »

The malware known as GootLoader has resurfaced yet again after a brief spike in activity earlier this March, according to new findings from Huntress. The cybersecurity company said it observed three GootLoader infections since October 27, 2025, out of which two resulted in hands-on keyboard intrusions with domain controller compromise taking place within 17 hours … Read More “GootLoader Is Back, Using a New Font Trick to Hide Malware on WordPress Sites  – The Hacker News” »

Virginia-based BigBear.ai announced Monday it will acquire Ask Sage, a generative artificial intelligence platform specializing in secure deployment of AI models and agentic systems across defense and other regulated sectors, in a deal valued at about $250 million. Ask Sage focuses on safety and security in the growing field of agentic AI, or systems capable … Read More “BigBear.ai to buy Ask Sage, strengthening security-centric AI for federal agencies  – CyberScoop” »

Have I Been Pwned (HIBP), the popular breach notification service, has added another massive dataset to its platform.…  – Read More  – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More 

Cybersecurity researchers have disclosed details of a new Android remote access trojan (RAT) called Fantasy Hub that’s sold on Russian-speaking Telegram channels under a Malware-as-a-Service (MaaS) model. According to its seller, the malware enables device control and espionage, allowing threat actors to collect SMS messages, contacts, call logs, images, and videos, as well as intercept, … Read More “Android Trojan ‘Fantasy Hub’ Malware Service Turns Telegram Into a Hub for Hackers  – The Hacker News” »

Veracode Threat Research exposed a targeted typosquatting attack on npm, where the malicious package @acitons/artifact stole GitHub tokens. Learn how this supply chain failure threatened the GitHub organisation’s code.  – Read More  – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More 

Cybersecurity researchers have discovered a malicious npm package named “@acitons/artifact” that typosquats the legitimate “@actions/artifact” package with the intent to target GitHub-owned repositories. “We think the intent was to have this script execute during a build of a GitHub-owned repository, exfiltrate the tokens available to the build environment, and then use those tokens to publish  … Read More “Researchers Detect Malicious npm Package Targeting GitHub-Owned Repositories  – The Hacker News” »

AI-enabled supply chain attacks jumped 156% last year. Discover why traditional defenses are failing and what CISOs must do now to protect their organizations. Download the full CISO’s expert guide to AI Supply chain attacks here.  TL;DR AI-enabled supply chain attacks are exploding in scale and sophistication – Malicious package uploads to open-source repositories jumped … Read More “CISO’s Expert Guide To AI Supply Chain Attacks  – The Hacker News” »

Cisco’s new research shows that open-weight AI models, while driving innovation, face serious security risks as multi-turn attacks, including conversational persistence, can bypass safeguards and expose data.  – Read More  – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More 

The North Korea-affiliated threat actor known as Konni (aka Earth Imp, Opal Sleet, Osmium, TA406, and Vedalia) has been attributed to a new set of attacks targeting both Android and Windows devices for data theft and remote control. “Attackers impersonated psychological counselors and North Korean human rights activists, distributing malware disguised as stress-relief programs,” the … Read More “Konni Hackers Turn Google’s Find Hub into a Remote Data-Wiping Weapon  – The Hacker News” »

Google’s Mandiant Threat Defense on Monday said it discovered n-day exploitation of a now-patched security flaw in Gladinet’s Triofox file-sharing and remote access platform. The critical vulnerability, tracked as CVE-2025-12480 (CVSS score: 9.1), allows an attacker to bypass authentication and access the configuration pages, resulting in the upload and execution of arbitrary payloads.  The  – … Read More “Hackers Exploiting Triofox Flaw to Install Remote Access Tools via Antivirus Feature  – The Hacker News” »

Researchers aren’t very concerned about the dozens of undisclosed F5 vulnerabilities a nation-state attacker stole during a prolonged attack on F5’s internal systems. Yet, the heist of sensitive intelligence from a widely used vendor’s internal network resembles previous espionage-driven attacks that could pose long-term consequences downstream. F5, which became aware of the attack Aug. 9 … Read More “What’s left to worry (and not worry) about in the F5 breach aftermath  – CyberScoop” »

Intel, the leading computer chip maker, has filed a lawsuit seeking at least $250,000 in damages from a…  – Read More  – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More 

In an era where digital ecosystems extend far beyond a company’s internal network, enterprise cybersecurity is no longer…  – Read More  – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More 

Unit 42 discovered LANDFALL, commercial-grade Android spyware, which used a hidden image vulnerability (CVE-2025-21042) to remotely spy on Samsung Galaxy users via WhatsApp. Update your phone now.  – Read More  – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More