Organizations in Belarus, Kazakhstan, and Russia have emerged as the target of a phishing campaign undertaken by a previously undocumented hacking group called ComicForm since at least April 2025. The activity primarily targeted industrial, financial, tourism, biotechnology, research, and trade sectors, cybersecurity company F6 said in an analysis published last week. The attack chain involves … Read More “ComicForm and SectorJ149 Hackers Deploy Formbook Malware in Eurasian Cyberattacks – The Hacker News” »
Author: The Hacker News
Experts at a Gartner event highlighted areas of focus in identity, processes and third-party risk management to tackle the novel tactics employed by Scattered Spider – Read More –
MITRE said it understands why Microsoft, SentinelOne and Palo Alto pulled out of its 2025 ATT&CK Evaluations test – and promises to do better next year – Read More –
The security landscape now moves at a pace no patch cycle can match. Attackers aren’t waiting for quarterly updates or monthly fixes—they adapt within hours, blending fresh techniques with old, forgotten flaws to create new openings. A vulnerability closed yesterday can become the blueprint for tomorrow’s breach. This week’s recap explores the trends driving that … Read More “⚡ Weekly Recap: Chrome 0-Day, AI Hacking Tools, DDR5 Bit-Flips, npm Worm & More – The Hacker News” »
ShadowLeak Exploit Exposed Gmail Data Through ChatGPT Agent – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Radware researchers revealed a service-side flaw in OpenAI’s ChatGPT. The ShadowLeak attack had used indirect prompt injection to bypass defences and leak sensitive data, but the issue has since been fixed. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
AI Forensics Help Europol Track 51 Children in Global Online Abuse Case – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Europol and 18 countries used AI forensics to identify 51 child victims and 60 suspects in a global online abuse investigation. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
We hear this a lot: “We’ve got hundreds of service accounts and AI agents running in the background. We didn’t create most of them. We don’t know who owns them. How are we supposed to secure them?” Every enterprise today runs on more than users. Behind the scenes, thousands of non-human identities, from service accounts … Read More “How to Gain Control of AI Agents and Non-Human Identities – The Hacker News” »
Cyber threat information law hurtles toward expiration, with poor prospects for renewal – CyberScoop
Pessimism is mounting about the chances that Congress will reauthorize a cyber threat information-sharing law before it’s set to expire at the end of this month — with no clear path for either a temporary or long-term extension. Industry groups and the Trump administration have put a lot of muscle into renewing the 2015 Cybersecurity … Read More “Cyber threat information law hurtles toward expiration, with poor prospects for renewal – CyberScoop” »
The FBI has warned that adversaries have published fake versions of its cybercrime reporting portal IC3 – Read More –
Why federal IT leaders must act now to deliver NIST’s post-quantum cryptography transition – CyberScoop
In August 2024, the National Institute of Standards and Technology published its first set of post-quantum cryptography (PQC) standards, the culmination of over seven years of cryptographic scrutiny, review and competition. As the standards were announced, the implications for cybersecurity leaders were clear: The U.S. government must re-secure its entire digital infrastructure — from battlefield … Read More “Why federal IT leaders must act now to deliver NIST’s post-quantum cryptography transition – CyberScoop” »
Heathrow, Brussels, Dublin and Berlin airports are among those disrupted by a cyber-attack on Collins Aerospace – Read More –
MI6 Opens Dark Web Portal “Silent Courier” for Russians to Share Secrets – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
The UK’s spy agency, MI6, has launched a new dark web portal called Silent Courier to securely recruit agents worldwide, particularly from Russia. Learn how this shift to the dark web marks a new era in modern espionage and national security. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Global Finance The field of Artificial Intelligence (AI) is transforming the world of finance and informing credit underwriting, fraud… The post Why ethics must drive AI adoption in finance appeared first on JISA Softech Pvt Ltd. – Read More – JISA Softech Pvt Ltd
Microsoft Patches Critical Entra ID Flaw Enabling Global Admin Impersonation Across Tenants – The Hacker News
A critical token validation failure in Microsoft Entra ID (previously Azure Active Directory) could have allowed attackers to impersonate any user, including Global Administrators, across any tenant. The vulnerability, tracked as CVE-2025-55241, has been assigned the maximum CVSS score of 10.0. It has been described by Microsoft as a privilege escalation flaw in Azure Entra. … Read More “Microsoft Patches Critical Entra ID Flaw Enabling Global Admin Impersonation Across Tenants – The Hacker News” »
Threat actors with ties to the Democratic People’s Republic of Korea (aka DPRK or North Korea) have been observed leveraging ClickFix-style lures to deliver a known malware called BeaverTail and InvisibleFerret. “The threat actor used ClickFix lures to target marketing and trader roles in cryptocurrency and retail sector organizations rather than targeting software development roles,” … Read More “DPRK Hackers Use ClickFix to Deliver BeaverTail Malware in Crypto Job Scams – The Hacker News” »
Cyberattack Disrupts Airport Check-In Systems Across Europe – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Cyberattack on Collins Aerospace check-in system disrupts major European airports, causing flight delays and cancellations across hubs. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
LastPass is warning of an ongoing, widespread information stealer campaign targeting Apple macOS users through fake GitHub repositories that distribute malware-laced programs masquerading as legitimate tools. “In the case of LastPass, the fraudulent repositories redirected potential victims to a repository that downloads the Atomic infostealer malware,” researchers Alex Cox, Mike Kosak, and … Read More “LastPass Warns of Fake Repositories Infecting macOS with Atomic Infostealer – The Hacker News” »
Researchers Uncover GPT-4-Powered MalTerminal Malware Creating Ransomware, Reverse Shell – The Hacker News
Cybersecurity researchers have discovered what they say is the earliest example known to date of a malware that bakes in Large Language Model (LLM) capabilities. The malware has been codenamed MalTerminal by SentinelOne SentinelLABS research team. The findings were presented at the LABScon 2025 security conference. In a report examining the malicious use of … Read More “Researchers Uncover GPT-4-Powered MalTerminal Malware Creating Ransomware, Reverse Shell – The Hacker News” »
ShadowLeak Zero-Click Flaw Leaks Gmail Data via OpenAI ChatGPT Deep Research Agent – The Hacker News
Cybersecurity researchers have disclosed a zero-click flaw in OpenAI ChatGPT’s Deep Research agent that could allow an attacker to leak sensitive Gmail inbox data with a single crafted email without any user action. The new class of attack has been codenamed ShadowLeak by Radware. Following responsible disclosure on June 18, 2025, the issue was addressed … Read More “ShadowLeak Zero-Click Flaw Leaks Gmail Data via OpenAI ChatGPT Deep Research Agent – The Hacker News” »
A vulnerability has been discovered in WatchGuard Fireware OS, which could allow for arbitrary code execution. Fireware OS is the software that runs on WatchGuard Firebox firewalls. Fireware includes a Web UI that includes a way to manage and monitor each Firebox in your network. Successful exploitation of this vulnerability may allow a remote unauthenticated … Read More “A Vulnerability in WatchGuard Fireware OS Could Allow for Arbitrary Code Execution – Cyber Security Advisories – MS-ISAC” »
A vulnerability has been discovered in GoAnywhere Managed File Transfer (MFT) which could allow for Command Injection. GoAnywhere Managed File Transfer (MFT) is an enterprise-level software solution for securely automating, managing, and tracking all organizational file transfers, whether server-to-server or person-to-person. Successful exploitation of this vulnerability could allow an actor with a validly forged license … Read More “A Vulnerability in GoAnywhere Managed File Transfer (MFT) Could Allow for Command Injection – Cyber Security Advisories – MS-ISAC” »
Researchers raise alarm over maximum-severity defect in GoAnywhere file-transfer service – CyberScoop
Researchers warned that a maximum-severity vulnerability affecting GoAnywhere MFT bears striking similarities with a widely exploited defect in the same file-transfer service two years ago. Fortra, the cybersecurity vendor behind the product, disclosed and released a patch for the vulnerability — CVE-2025-10035 — Thursday. The deserialization vulnerability “allows an actor with a validly forged license … Read More “Researchers raise alarm over maximum-severity defect in GoAnywhere file-transfer service – CyberScoop” »
Chinese Network Selling Thousands of Fake US and Canadian IDs – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
New investigation exposes a China-based ring that sold over 6,500 fake United States and Canadian IDs using well-planned covert packaging. Learn how this operation threatens national security and enables financial crime. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
UNC1549 Hacks 34 Devices in 11 Telecom Firms via LinkedIn Job Lures and MINIBIKE Malware – The Hacker News
An Iran-nexus cyber espionage group known as UNC1549 has been attributed to a new campaign targeting European telecommunications companies, successfully infiltrating 34 devices across 11 organizations as part of a recruitment-themed activity on LinkedIn. Swiss cybersecurity company PRODAFT is tracking the cluster under the name Subtle Snail. It’s assessed to be affiliated with Iran’s Islamic … Read More “UNC1549 Hacks 34 Devices in 11 Telecom Firms via LinkedIn Job Lures and MINIBIKE Malware – The Hacker News” »
The Trump administration is signaling to industry and allies that it is considering a broader set of actions related to quantum computing, both to improve the nation’s capacity to defend against future quantum-enabled hacks and ensure the United States promotes and maintains global dominance around a key national security technology. The discussions include potentially taking … Read More “Trump administration planning expansion of U.S. quantum strategy – CyberScoop” »
BreachLock Named Sample Vendor for PTaaS and AEV in Two New 2025 Gartner® Reports – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
New York, New York, 19th September 2025, CyberNewsWire – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Fortra has disclosed details of a critical security flaw in GoAnywhere Managed File Transfer (MFT) software that could result in the execution of arbitrary commands. The vulnerability, tracked as CVE-2025-10035, carries a CVSS score of 10.0, indicating maximum severity. “A deserialization vulnerability in the License Servlet of Fortra’s GoAnywhere MFT allows an actor with a … Read More “Fortra Releases Critical Patch for CVSS 10.0 GoAnywhere MFT Vulnerability – The Hacker News” »
A proxy network known as REM Proxy is powered by malware known as SystemBC, offering about 80% of the botnet to its users, according to new findings from the Black Lotus Labs team at Lumen Technologies. “REM Proxy is a sizeable network, which also markets a pool of 20,000 Mikrotik routers and a variety of … Read More “SystemBC Powers REM Proxy With 1,500 Daily VPS Victims Across 80 C2 Servers – The Hacker News” »
17,500 Phishing Domains Target 316 Brands Across 74 Countries in Global PhaaS Surge – The Hacker News
The phishing-as-a-service (PhaaS) offering known as Lighthouse and Lucid has been linked to more than 17,500 phishing domains targeting 316 brands from 74 countries. “Phishing-as-a-Service (PhaaS) deployments have risen significantly recently,” Netcraft said in a new report. “The PhaaS operators charge a monthly fee for phishing software with pre-installed templates impersonating, in some cases, … Read More “17,500 Phishing Domains Target 316 Brands Across 74 Countries in Global PhaaS Surge – The Hacker News” »
ESET found that the FSB-affiliated groups, Gamaredon and Turla, are sharing tools to help conduct espionage attacks against Ukrainian organizations – Read More –
The Department of Defense is seeking to address persistent shortages in its cyber workforce by reducing the time to fill vacant cybersecurity jobs to 25 days. The target, outlined by a senior official during a recent discussion, comes as the department faces a shortfall of nearly 20,000 cyber professionals within its ranks, a figure that … Read More “DOD official: We need to drop the cybersecurity talent hiring window to 25 days – CyberScoop” »
Researchers at Radware found a zero-click flaw in ChatGPT Deep Research agent when connected to Gmail and browsing – Read More –
Run by the team at workflow orchestration and AI platform Tines, the Tines library features over 1,000 pre-built workflows shared by security practitioners from across the community – all free to import and deploy through the platform’s Community Edition. The workflow we are highlighting streamlines security alert handling by automatically identifying and executing the appropriate … Read More “How To Automate Alert Triage With AI Agents and Confluence SOPs Using Tines – The Hacker News” »
WatchGuard Issues Fix for 9.3-Rated Firebox Firewall Vulnerability – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
WatchGuard has issued a critical security alert for its Firebox firewalls due to a serious vulnerability, CVE-2025-9242. Learn what this ‘out-of-bounds write’ flaw means, which Fireware OS versions are affected, and the urgent steps to take to protect your network from remote attacks. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Russian Hackers Gamaredon and Turla Collaborate to Deploy Kazuar Backdoor in Ukraine – The Hacker News
Cybersecurity researchers have discerned evidence of two Russian hacking groups Gamaredon and Turla collaborating together to target and co-compromise Ukrainian entities. Slovak cybersecurity company ESET said it observed the Gamaredon tools PteroGraphin and PteroOdd being used to execute Turla group’s Kazuar backdoor on an endpoint in Ukraine in February 2025, indicating that Turla is very … Read More “Russian Hackers Gamaredon and Turla Collaborate to Deploy Kazuar Backdoor in Ukraine – The Hacker News” »
Trend Micro said the use of AI platforms to create and host fake CAPTCHA pages helps attackers develop more sophisticated phishing campaigns at scale and speed – Read More –
DPDP Act 2023 strengthens data sovereignty, granting Data Principals new rights and holding Data Fiduciaries accountable. Global enterprises must… The post DPDP Act vs Global Laws- Bridging Compliance Standard appeared first on JISA Softech Pvt Ltd. – Read More – JISA Softech Pvt Ltd
U.K. Arrests Two Teen Scattered Spider Hackers Linked to August 2024 TfL Cyber Attack – The Hacker News
Law enforcement authorities in the U.K. have arrested two teen members of the Scattered Spider hacking group in connection with their alleged participation in an August 2024 cyber attack targeting Transport for London (TfL), the city’s public transportation agency. Thalha Jubair (aka EarthtoStar, Brad, Austin, and @autistic), 19, from East London and Owen Flowers, 18, … Read More “U.K. Arrests Two Teen Scattered Spider Hackers Linked to August 2024 TfL Cyber Attack – The Hacker News” »
Vastaamo psychotherapy hack: US citizen charged in latest twist of notorious data breach – Graham Cluley
28-year-old Daniel Lee Newhard, an American citizen living in Estonia, has been charged in relation to the notorious hack of Vastaamo, the biggest data breach in Finnish history. Read more in my article on the Hot for Security blog. – Read More – Graham Cluley
Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user an attacker could then install programs; … Read More “Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution – Cyber Security Advisories – MS-ISAC” »
CISA Warns of Two Malware Strains Exploiting Ivanti EPMM CVE-2025-4427 and CVE-2025-4428 – The Hacker News
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday released details of two sets of malware that were discovered in an unnamed organization’s network following the exploitation of security flaws in Ivanti Endpoint Manager Mobile (EPMM). “Each set contains loaders for malicious listeners that enable cyber threat actors to run arbitrary code on the … Read More “CISA Warns of Two Malware Strains Exploiting Ivanti EPMM CVE-2025-4427 and CVE-2025-4428 – The Hacker News” »
How Enterprise SEO Solutions Improve Brand Authority – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Now, especially in a very competitive environment, it is essential to make your name shine. Enterprise SEO solutions… – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Federal agencies are increasingly incorporating artificial intelligence into the cyberdefenses of government networks, and there’s more still to come, acting Federal Chief Information Security Officer Michael Duffy said Thursday. “We’re at an exciting time in the federal government to see that we’re not only putting AI in production, but we’re finding ways to accelerate emerging … Read More “Agencies increasingly dive into AI for cyber defense, acting federal CISO says – CyberScoop” »
UK arrests two teens accused of heavy involvement in yearslong Scattered Spider attack spree – CyberScoop
Two teenagers were arrested in the United Kingdom this week, accused of associating with the sprawling criminal collective known as The Com, and participating in many high-profile and damaging cyberattacks on critical infrastructure globally. Thalha Jubair, 19 of London, and Owen Flowers, 18 of Walsall, England, were arrested at their residences Tuesday and charged with … Read More “UK arrests two teens accused of heavy involvement in yearslong Scattered Spider attack spree – CyberScoop” »
One of the teenage suspects is accused of involvement in at least 120 attacks, resulting in $115m in ransom payments – Read More –
Two UK Teenagers Charged Over TfL Hack Linked to Scattered Spider – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Two UK teens have been charged in connection with the TfL hack, as investigators link them to Scattered Spider cyberattacks and data breaches. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
A breach at the New York Blood Center resulted in theft of data for 194,000 people, including SSNs, IDs, bank and health information – Read More –