Microsoft has formally tied the exploitation of security flaws in internet-facing SharePoint Server instances to two Chinese hacking groups called Linen Typhoon and Violet Typhoon as early as July 7, 2025, corroborating earlier reports. The tech giant said it also observed a third China-based threat actor, which it tracks as Storm-2603, weaponizing the flaws as … Read More “Microsoft Links Ongoing SharePoint Exploits to Three Chinese Hacker Groups – The Hacker News” »
Author: The Hacker News
A new wave of phishing attacks exploiting Microsoft 365 OAuth tools has been observed impersonating diplomats to steal access codes
Microsoft said two China nation-state threat groups and a separate attacker based in China are exploiting the zero-day vulnerabilities that first caused havoc to SharePoint servers over the weekend. Linen Typhoon and Violet Typhoon — the Chinese government-affiliated threat groups — and an attacker Microsoft tracks as Storm-2603 are exploiting the pair of zero-day vulnerabilities … Read More “Microsoft SharePoint zero-day attacks pinned on China-linked ‘Typhoon’ threat groups – CyberScoop” »
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: DuraComm Corporation Equipment: SPM-500 DP-10iN-100-MU Vulnerabilities: Cleartext Transmission of Sensitive Information, Missing Authentication for a Critical Function, Improper Neutralization of Input During Web Page Generation 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to disclose sensitive information … Read More “DuraComm DP-10iN-100-MU – All CISA Advisories” »
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.6 ATTENTION: Low attack complexity Vendor: Lantronix Equipment: Provisioning Manager Vulnerability: Improper Restriction of XML External Entity Reference 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to perform a cross-site scripting attack, which could result in remote code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED … Read More “Lantronix Provisioning Manager – All CISA Advisories” »
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 6.9 ATTENTION: Exploitable remotely Vendor: Schneider Electric Equipment: System Monitor Application Vulnerability: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute untrusted code. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Schneider Electric reports the … Read More “Schneider Electric System Monitor Application – All CISA Advisories” »
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available/known public exploitation Vendor: Schneider Electric Equipment: EcoStruxure Power Operation Vulnerabilities: Improper Neutralization of Directives in Dynamically Evaluated Code (‘Eval Injection’), Integer Overflow to Buffer Overflow, Improper Handling of Highly Compressed Data (Data Amplification), Out-of-bounds Write, Uncontrolled Resource Consumption 2. … Read More “Schneider Electric EcoStruxure Power Operation – All CISA Advisories” »
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: EcoStruxure IT Data Center Expert Vulnerabilities: Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’), Insufficient Entropy, Improper Control of Generation of Code (‘Code Injection’), Server-Side Request Forgery (SSRF), Improper Privilege Management, and Improper … Read More “Schneider Electric EcoStruxture IT Data Center Expert – All CISA Advisories” »
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 5.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: EcoStruxure Power Monitoring Expert (PME) and EcoStruxure Power Operation (EPO) Vulnerability: Exposure of Resource to Wrong Sphere 2. RISK EVALUATION Successful exploitation of this vulnerability could provide other authenticated users with potentially inappropriate access to TGML diagrams. 3. … Read More “Schneider Electric EcoStruxure – All CISA Advisories” »
CISA released nine Industrial Control Systems (ICS) advisories on July 22, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-203-01 DuraComm DP-10iN-100-MU ICSA-25-203-02 Lantronix Provisioning Manager ICSA-25-203-03 Schneider Electric EcoStruxure ICSA-25-203-04 Schneider Electric EcoStruxure Power Operation ICSA-25-203-05 Schneider Electric System Monitor Application ICSA-25-203-06 Schneider Electric EcoStruxture IT Data … Read More “CISA Releases Nine Industrial Control Systems Advisories – All CISA Advisories” »
A widespread RFQ scam exploited net payment terms to fraudulently obtain high-value devices
The AI Fix #60: Elon’s AI girlfriend, the arsonist red panda, and the AI that will kill you – Graham Cluley
In episode 60 of The AI Fix, we learn why Grok might be Elon Musk’s bid for digital immortality, how Meta is building a Manhattan-sized data centre called Prometheus, how AI is helping create carbon-sucking concrete, and are bewildered that 2000 people “work” at the Candy Crush company. Plus Graham takes a look at Elon’s … Read More “The AI Fix #60: Elon’s AI girlfriend, the arsonist red panda, and the AI that will kill you – Graham Cluley” »
CISA, in partnership with the Federal Bureau of Investigation (FBI), the Department of Health and Human Services, and the Multi-State Information Sharing and Analysis Center issued a joint Cybersecurity Advisory to help protect businesses and critical infrastructure organizations in North America and Europe against Interlock ransomware. This advisory highlights known Interlock ransomware indicators of compromise … Read More “Joint Advisory Issued on Protecting Against Interlock Ransomware – All CISA Advisories” »
Microsoft has observed three China-based threat actors, Linen Typhoon, Violet Typhoon and Storm-2603, exploiting the SharePoint vulnerabilities
Credential Theft and Remote Access Surge as AllaKore, PureRAT, and Hijack Loader Proliferate – The Hacker News
Mexican organizations are still being targeted by threat actors to deliver a modified version of AllaKore RAT and SystemBC as part of a long-running campaign. The activity has been attributed by Arctic Wolf Labs to a financially motivated hacking group called Greedy Sponge. It’s believed to be active since early 2021, indiscriminately targeting a wide … Read More “Credential Theft and Remote Access Surge as AllaKore, PureRAT, and Hijack Loader Proliferate – The Hacker News” »
Cisco Confirms Active Exploits Targeting ISE Flaws Enabling Unauthenticated Root Access – The Hacker News
Cisco on Monday updated its advisory of a set of recently disclosed security flaws in Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) to acknowledge active exploitation. “In July 2025, the Cisco PSIRT [Product Security Incident Response Team], became aware of attempted exploitation of some of these vulnerabilities in the wild,” the company … Read More “Cisco Confirms Active Exploits Targeting ISE Flaws Enabling Unauthenticated Root Access – The Hacker News” »
The British government announced plans to prohibit public sector organizations and critical infrastructure operators from paying ransoms to cybercriminals, marking a significant shift in the nation’s approach to combating ransomware attacks that have disrupted essential services and cost the economy millions of pounds annually. The proposed measures would prevent the National Health Service, local councils, … Read More “UK moves to ban public sector organizations from making ransom payments – CyberScoop” »
Summary Note: This joint Cybersecurity Advisory is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations protect against ransomware. Visit stopransomware.gov to … Read More “#StopRansomware: Interlock – All CISA Advisories” »
Hackers Exploit Microsoft SharePoint Flaws in Global Breaches – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Hackers are exploiting critical SharePoint flaws (CVE-2025-53770/53771) to breach global targets, including governments and corporations. Microsoft urges immediate action. Learn about the active attacks and how to protect your network from credential theft and backdoors. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
The UK government said a public consultation showed widespread support on a payment ban for public sector and CNI organizations
Global Fashion Label SABO’s 3.5M Customer Records Exposed Online – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Global fashion brand SABO suffers data breach, exposing 3.5+ million customer records including names, addresses, and order details. Learn about the risks and what to do. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Making the move from managing a security operations center (SOC) to being a chief information security officer (CISO) is a significant career leap. Not only do you need a solid foundation of tech knowledge but also leadership skills and business smarts. This article will guide you through the practical steps and skills you’ll need to … Read More “How to Advance from SOC Manager to CISO? – The Hacker News” »
Despite being a rebrand of several ransomware families, GLOBAL GROUP innovated with the use of an AI chatbot in the negotiation process
ASIC said the financial services firm’s failings led to a data breach impacting nearly 10,000 clients
Abnormal AI found that 96% of security leaders have no plans to reduce the headcount in SOC teams as a result of AI adoption, instead focusing on reallocating roles
Hackers Exploit SharePoint Zero-Day Since July 7 to Steal Keys, Maintain Persistent Access – The Hacker News
The recently disclosed critical Microsoft SharePoint vulnerability has been under exploitation as early as July 7, 2025, according to findings from Check Point Research. The cybersecurity company said it observed first exploitation attempts targeting an unnamed major Western government, with the activity intensifying on July 18 and 19, spanning government, telecommunications, and software … Read More “Hackers Exploit SharePoint Zero-Day Since July 7 to Steal Keys, Maintain Persistent Access – The Hacker News” »
On Sunday, July 20, Microsoft Corp. issued an emergency security update for a vulnerability in SharePoint Server that is actively being exploited to compromise vulnerable organizations. The patch comes amid reports that malicious hackers have used the SharePoint flaw to breach U.S. federal and state agencies, universities, and energy companies. In … Read More “Microsoft Fix Targets Attacks on SharePoint Zero-Day – Krebs on Security” »
New Report Reveals Just 10% of Employees Drive 73% of Cyber Risk – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Austin, United States / TX, 22nd July 2025, CyberNewsWire – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Why You Should Use Geolocation in Your React App’s Authentication Process – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Improve security in your React app with geolocation-based authentication, adding a strong layer beyond passwords to prevent unauthorised access. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Arizona election officials say a hack targeting a statewide online portal for political candidates resulted in the defacement and replacement of multiple candidate photos with the late Iranian Ayatollah Ruhollah Khomeini. While officials say the threat is contained and the vulnerability has been fixed, they also blasted the lack of support they’ve received from the … Read More “After website hack, Arizona election officials unload on Trump’s CISA – CyberScoop” »
World Leaks Claims Dell Data Breach, Leaks 1.3 TB of Files – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Former Hunters International ransomware gang, now World Leaks, claims 1.3 TB Dell data breach, leaking over 400K files with internal tools and user data. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Fake npm Website Used to Push Malware via Stolen Token – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Fake npm website used in phishing attack to steal maintainer token, leading to malware in popular JavaScript packages like eslint-config-prettier. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
China-Linked Hackers Launch Targeted Espionage Campaign on African IT Infrastructure – The Hacker News
The China-linked cyber espionage group tracked as APT41 has been attributed to a new campaign targeting government IT services in the African region. “The attackers used hardcoded names of internal services, IP addresses, and proxy servers embedded within their malware,” Kaspersky researchers Denis Kulik and Daniil Pogorelov said. “One of the C2s [command-and-control servers] was … Read More “China-Linked Hackers Launch Targeted Espionage Campaign on African IT Infrastructure – The Hacker News” »
Cybersecurity researchers have unearthed new Android spyware artifacts that are likely affiliated with the Iranian Ministry of Intelligence and Security (MOIS) and have been distributed to targets by masquerading as VPN apps and Starlink, a satellite internet connection service offered by SpaceX. Mobile security vendor Lookout said it discovered four samples of a surveillanceware tool … Read More “Iran-Linked DCHSpy Android Malware Masquerades as VPN Apps to Spy on Dissidents – The Hacker News” »
New samples of DCHSpy, a spyware implant linked to Iranian APT group MuddyWater, were detected by Lookout one week after the start of the Israel-Iran conflict
An attack on a US accounting firm delivered PureRAT via Ghost Crypt, involving social engineering and advanced obfuscation techniques
An investigation has revealed novel scams using tools like MaisonReceipts, creating realistic fake receipts to resell stolen or counterfeit goods
Attackers are actively exploiting a critical zero-day vulnerability affecting on-premises Microsoft SharePoint servers, prompting industry heavyweights to sound the alarm over the weekend. Researchers discovered the active, ongoing attack spree Friday afternoon and warnings were issued en masse by Saturday evening. Microsoft released urgent guidance Saturday, advising on-premises SharePoint customers to turn on and properly … Read More “Mass attack spree hits Microsoft SharePoint zero-day defect – CyberScoop” »
Microsoft Confirms Hackers Exploiting SharePoint Flaws, Patch Now – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Microsoft has released new security updates to fix two serious vulnerabilities affecting on-premises SharePoint servers, warning that attackers… – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
The U.S. is stepping into a new cyber era, and it comes not a moment too soon. With the Trump administration’s sweeping $1 billion cyber initiative in the “Big Beautiful Bill” and growing congressional momentum under the 2026 National Defense Authorization Act (NDAA) to strengthen cyber deterrence, we’re seeing a shift in posture that many … Read More “Why it’s time for the US to go on offense in cyberspace – CyberScoop” »
CVE-2025-54309 could allow remote attackers to obtain admin access via HTTPS
The hacking group NoName057(16) has been operating since 2022, launching cyber attacks on government organisations, media bodies, critical infrastructure, and private companies in Ukraine, America, Canada, and across Europe in a seeming attempt to silence voices that the group considers anti-Russian. Read more in my article on the Hot for Security blog. … Read More “Europol targets Kremlin-backed cybercrime gang NoName057(16) – Graham Cluley” »
By 2025, Zero Trust has evolved from a conceptual framework into an essential pillar of modern security. No longer merely theoretical, it’s now a requirement that organizations must adopt. A robust, defensible architecture built on Zero Trust principles does more than satisfy baseline regulatory mandates. It underpins cyber resilience, secures third-party partnerships, and ensures uninterrupted … Read More “Assessing the Role of AI in Zero Trust – The Hacker News” »
⚡ Weekly Recap: SharePoint 0-Day, Chrome Exploit, macOS Spyware, NVIDIA Toolkit RCE and More – The Hacker News
Even in well-secured environments, attackers are getting in—not with flashy exploits, but by quietly taking advantage of weak settings, outdated encryption, and trusted tools left unprotected. These attacks don’t depend on zero-days. They work by staying unnoticed—slipping through the cracks in what we monitor and what we assume is safe. What once looked suspicious now … Read More “⚡ Weekly Recap: SharePoint 0-Day, Chrome Exploit, macOS Spyware, NVIDIA Toolkit RCE and More – The Hacker News” »
New GhostContainer Malware Hits High-Value MS Exchange Servers in Asia – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Kaspersky’s SecureList reveals GhostContainer, a new, highly customized backdoor targeting government and high-tech organizations in Asia via Exchange server vulnerabilities. Learn how this APT malware operates and how to stay protected. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
GameForge AI Hackathon 2025: Building the Bridge Between Natural Language and Game Creation – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
A 72-hour sprint that produced working solutions for one of game development’s hardest problems: making it accessible to non-programmers. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
On-prem SharePoint customers have been told to assume compromise, with attackers observed to be exfiltrating data from victim servers across critical sectors
PoisonSeed Hackers Bypass FIDO Keys Using QR Phishing and Cross-Device Sign-In Abuse – The Hacker News
Cybersecurity researchers have disclosed a novel attack technique that allows threat actors to bypass Fast IDentity Online (FIDO) key protections by deceiving users into approving authentication requests from spoofed company login portals. The activity, observed by Expel as part of a phishing campaign in the wild, has been attributed to a threat actor named PoisonSeed, … Read More “PoisonSeed Hackers Bypass FIDO Keys Using QR Phishing and Cross-Device Sign-In Abuse – The Hacker News” »
3,500 Websites Hijacked to Secretly Mine Crypto Using Stealth JavaScript and WebSocket Tactics – The Hacker News
A new attack campaign has compromised more than 3,500 websites worldwide with JavaScript cryptocurrency miners, marking the return of browser-based cryptojacking attacks once popularized by the likes of CoinHive. Although the service has since shuttered after browser makers took steps to ban miner-related apps and add-ons, researchers from the c/side said they found evidence of … Read More “3,500 Websites Hijacked to Secretly Mine Crypto Using Stealth JavaScript and WebSocket Tactics – The Hacker News” »