Author: Waqas

US teen indicted for involvement in extremist “764” network, accused of child exploitation, animal cruelty, and cyberstalking, says the Justice Department.  – Read More  – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More 

Cybersecurity researchers have disclosed details of a new Android banking trojan called Herodotus that has been observed in active campaigns targeting Italy and Brazil to conduct device takeover (DTO) attacks. “Herodotus is designed to perform device takeover while making first attempts to mimic human behaviour and bypass behaviour biometrics detection,” ThreatFabric said in a report … Read More “New Android Trojan ‘Herodotus’ Outsmarts Anti-Fraud Systems by Typing Like a Human  – The Hacker News” »

As AI browser agents enter the market promising to help people shop, hire employees  or assist with other online tasks, security researchers are warning that the information these programs collect from the internet can be manipulated and corrupted without anyone ever realizing it. In new research shared exclusively with CyberScoop, AI cybersecurity firm SPLX highlighted … Read More “Exclusive: OpenAI’s Atlas browser — and others — can be tricked by manipulated web content  – CyberScoop” »

Threat actors tied to North Korea have been observed targeting the Web3 and blockchain sectors as part of twin campaigns tracked as GhostCall and GhostHire. According to Kaspersky, the campaigns are part of a broader operation called SnatchCrypto that has been underway since at least 2017. The activity is attributed to a Lazarus Group sub-cluster … Read More “Researchers Expose GhostCall and GhostHire: BlueNoroff’s New Malware Chains  – The Hacker News” »

A new Python-based infostealer called RedTiger is targeting Discord gamers to steal authentication tokens, passwords, and payment information. Learn how the malware works, its evasion tactics, and essential security steps like enabling MFA.  – Read More  – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More 

In episode 74 of The AI Fix, we meet Amazon’s AI-powered delivery glasses, an AI TV presenter who doesn’t exist, and an Ohio lawmaker who wants to stop people from marrying their chatbot. Also, we learn how Geoffrey Hinton and Steve Wozniak have teamed up with the unlikely coupling of will.i.am and Steve Bannon to … Read More “The AI Fix #74: AGI, LLM brain rot, and how to scam an AI browser  – Graham Cluley” »

In cybersecurity, speed isn’t just a win — it’s a multiplier. The faster you learn about emerging threats, the faster you adapt your defenses, the less damage you suffer, and the more confidently your business keeps scaling. Early threat detection isn’t about preventing a breach someday: it’s about protecting the revenue you’re supposed to earn … Read More “Why Early Threat Detection Is a Must for Long-Term Business Growth  – The Hacker News” »

As more of our communication and work move online, keeping large file transfers secure has become a serious…  – Read More  – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More 

Mass exploitation attacks are once again targeting WordPress websites, this time through serious vulnerabilities in two popular plugins,…  – Read More  – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More 

The New Reality for Lean Security Teams If you’re the first security or IT hire at a fast-growing startup, you’ve likely inherited a mandate that’s both simple and maddeningly complex: secure the business without slowing it down. Most organizations using Google Workspace start with an environment built for collaboration, not resilience. Shared drives, permissive settings, … Read More “Is Your Google Workspace as Secure as You Think it is?  – The Hacker News” »

The zero-day exploitation of a now-patched security flaw in Google Chrome led to the distribution of an espionage-related tool from Italian information technology and services provider Memento Labs, according to new findings from Kaspersky. The vulnerability in question is CVE-2025-2783 (CVSS score: 8.3), a case of sandbox escape which the company disclosed in March 2025 … Read More “Chrome Zero-Day Exploited to Deliver Italian Memento Labs’ LeetAgent Spyware  – The Hacker News” »

A European embassy located in the Indian capital of New Delhi, as well as multiple organizations in Sri Lanka, Pakistan, and Bangladesh, have emerged as the target of a new campaign orchestrated by a threat actor known as SideWinder in September 2025. The activity “reveals a notable evolution in SideWinder’s TTPs, particularly the adoption of … Read More “SideWinder Adopts New ClickOnce-Based Attack Chain Targeting South Asian Diplomats  – The Hacker News” »

Serverless architectures have fundamentally altered the cybersecurity landscape, creating attack vectors that traditional security models cannot address. After…  – Read More  – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More 

Attackers are actively exploiting a critical vulnerability in Windows Server Update Services, bypassing a patch Microsoft issued earlier this month that failed to mitigate the issue affecting software versions dating back to 2012.  Microsoft released an emergency, out-of-band security update for CVE-2025-59287 on Thursday. Multiple research firms detected in-the-wild exploitation by Friday, yet Microsoft has … Read More “Attackers bypass patch in deprecated Windows Server update tool  – CyberScoop” »

LayerX Security found a flaw in OpenAI’s ChatGPT Atlas browser that lets attackers inject commands into its memory, posing major security and phishing risks.  – Read More  – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More 

Unsecured House Democrats’ resume bank (DomeWatch) exposed 7,000 records, including PII and “top secret” clearance status, raising identity theft fears.  – Read More  – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More 

New York, New York, USA, 27th October 2025, CyberNewsWire  – Read More  – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More 

Kaspersky researchers said Monday that they’ve unearthed a malware campaign they’re linking to the successor company of the infamous Italy-based surveillance tech firm Hacking Team, and at the same time discovered new commercial malware tied to the same firm. The malware campaign that Kaspersky dubbed Operation ForumTroll targeted government organizations, media outlets, financial institutions, universities, … Read More “Hacking Team successor linked to malware campaign, new ‘Dante’ commercial spyware  – CyberScoop” »

Social media platform X is urging users who have enrolled for two-factor authentication (2FA) using passkeys and hardware security keys like Yubikeys to re-enroll their key to ensure continued access to the service. To that end, users are being asked to complete the re-enrollment, either using their existing security key or enrolling a new one, … Read More “X Warns Users With Security Keys to Re-Enroll Before November 10 to Avoid Lockouts  – The Hacker News” »

Cybersecurity researchers have discovered a new vulnerability in OpenAI’s ChatGPT Atlas web browser that could allow malicious actors to inject nefarious instructions into the artificial intelligence (AI)-powered assistant’s memory and run arbitrary code. “This exploit can allow attackers to infect systems with malicious code, grant themselves access privileges, or deploy malware,” LayerX  – Read More  … Read More “New ChatGPT Atlas Browser Exploit Lets Attackers Plant Persistent Hidden Commands  – The Hacker News” »

Researchers have uncovered HyperRat, a new Android malware sold as a service, giving attackers remote control, data theft tools, and mass phishing features.  – Read More  – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More 

London, United Kingdom, 27th October 2025, CyberNewsWire  – Read More  – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More 

Security, trust, and stability — once the pillars of our digital world — are now the tools attackers turn against us. From stolen accounts to fake job offers, cybercriminals keep finding new ways to exploit both system flaws and human behavior. Each new breach proves a harsh truth: in cybersecurity, feeling safe can be far … Read More “⚡ Weekly Recap: WSUS Exploited, LockBit 5.0 Returns, Telegram Backdoor, F5 Breach Widens  – The Hacker News” »

X (formerly Twitter) is asking users with security keys to re-enroll by Nov 10 as it moves logins from twitter.com to x.com for continued 2FA access.  – Read More  – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More 

The ransomware group known as Qilin (aka Agenda, Gold Feather, and Water Galura) has claimed more than 40 victims every month since the start of 2025, barring January, with the number of postings on its data leak site touching a high of 100 cases in June. The development comes as the ransomware-as-a-service (RaaS) operation has … Read More “Qilin Ransomware Combines Linux Payload With BYOVD Exploit in Hybrid Attack  – The Hacker News” »

The newly released OpenAI Atlas web browser has been found to be susceptible to a prompt injection attack where its omnibox can be jailbroken by disguising a malicious prompt as a seemingly harmless URL to visit. “The omnibox (combined address/search bar) interprets input either as a URL to navigate to, or as a natural-language command … Read More “ChatGPT Atlas Browser Can Be Tricked by Fake URLs into Executing Hidden Commands  – The Hacker News” »

Everest ransomware group claims to have stolen 1.5 million passenger records from Dublin Airport and personal data of 18,000 Air Arabia employees in latest breaches.  – Read More  – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More 

Hackers earned over $1 million at Pwn2Own Ireland 2025 in Cork, breaching printers, routers, NAS devices, and more as Summoning Team claimed Master of Pwn.  – Read More  – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More 

The financial industry is transforming as artificial intelligence (AI) is becoming an integral tool for managing operations, improving…  – Read More  – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More 

Everest ransomware group claims a breach of AT&T Careers, alleging theft of 576,000 applicant and employee records locked behind a password-protected listing.  – Read More  – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More 

The threat actors behind a large-scale, ongoing smishing campaign have been attributed to more than 194,000 malicious domains since January 1, 2024, targeting a broad range of services across the world, according to new findings from Palo Alto Networks Unit 42. “Although these domains are registered through a Hong Kong-based registrar and use Chinese nameservers, … Read More “Smishing Triad Linked to 194,000 Malicious Domains in Global Phishing Operation  – The Hacker News” »

Microsoft on Thursday released out-of-band security updates to patch a critical-severity Windows Server Update Service (WSUS) vulnerability with a proof-of-concept (Poc) exploit publicly available and has come under active exploitation in the wild. The vulnerability in question is CVE-2025-59287 (CVSS score: 9.8), a remote code execution flaw in WSUS that was originally fixed by the … Read More “Microsoft Issues Emergency Patch for Actively Exploited Critical WSUS Vulnerability  – The Hacker News” »

The United States needs to counter China’s “attempt to export a surveillance state across planet Earth,” and instead push a “clean American tech stack” globally, National Cyber Director Sean Cairncross said Friday. “It’s important that we send that message and engage with not only partners that we have now, but potential partners who are looking … Read More “National cyber director says U.S. needs to counter Chinese surveillance, push American tech  – CyberScoop” »