Author: Tim Starks

Google says it is starting a cyber “disruption unit,” a development that arrives in a potentially shifting U.S. landscape toward more offensive-oriented approaches in cyberspace. But the contours of that larger shift are still unclear, and whether or to what extent it’s even possible. While there’s some momentum in policymaking and industry circles to put … Read More “Google previews cyber ‘disruption unit’ as U.S. government, industry weigh going heavier on offense  – CyberScoop” »

Farmers Insurance reports a breach affecting 1.1 million customers. Learn how the attack, linked to groups ShinyHunters and…  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

A financially motivated threat group operating since 2021 has refined its technical tradecraft, honing its focus on cloud-based systems that allow it to expand ransomware operations beyond the scope of on-premises infrastructure, Microsoft Threat Intelligence said in a report released Wednesday. By leveraging cloud-native capabilities, Storm-0501 has exfiltrated large volumes of data with speed, destroying … Read More “Microsoft details Storm-0501’s focus on ransomware in the cloud  – CyberScoop” »

Cybersecurity company ESET has disclosed that it discovered an artificial intelligence (AI)-powered ransomware variant codenamed PromptLock. Written in Golang, the newly identified strain uses the gpt-oss:20b model from OpenAI locally via the Ollama API to generate malicious Lua scripts in real-time. The open-weight language model was released by OpenAI earlier this month. “PromptLock  – Read … Read More “Someone Created First AI-Powered Ransomware Using OpenAI’s gpt-oss:20b Model  – The Hacker News” »

Anthropic on Wednesday revealed that it disrupted a sophisticated operation that weaponized its artificial intelligence (AI)-powered chatbot Claude to conduct large-scale theft and extortion of personal data in July 2025. “The actor targeted at least 17 distinct organizations, including in healthcare, the emergency services, and government, and religious institutions,” the company said. ”  – Read … Read More “Anthropic Disrupts AI-Powered Cyberattacks Automating Theft and Extortion Across Critical Sectors  – The Hacker News” »

A new advisory from Google and Mandiant reveals a widespread data breach in Salesforce. Learn how UNC6395 bypassed…  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

A critical vulnerability (CVE-2025-9074) in Docker Desktop for Windows and macOS was fixed. The flaw allowed a malicious…  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

A threat activity cluster known as ShadowSilk has been attributed to a fresh set of attacks targeting government entities within Central Asia and Asia-Pacific (APAC). According to Group-IB, nearly three dozen victims have been identified, with the intrusions mainly geared towards data exfiltration. The hacking group shares toolset and infrastructural overlaps with campaigns undertaken by … Read More “ShadowSilk Hits 36 Government Targets in Central Asia and APAC Using Telegram Bots  – The Hacker News” »

Employees are experimenting with AI at record speed. They are drafting emails, analyzing data, and transforming the workplace. The problem is not the pace of AI adoption, but the lack of control and safeguards in place. For CISOs and security leaders like you, the challenge is clear: you don’t want to slow AI adoption down, … Read More “The 5 Golden Rules of Safe AI Adoption  – The Hacker News” »

Cybersecurity researchers have discovered five distinct activity clusters linked to a persistent threat actor known as Blind Eagle between May 2024 and July 2025. These attacks, observed by Recorded Future Insikt Group, targeted various victims, but primarily within the Colombian government across local, municipal, and federal levels. The threat intelligence firm is tracking the activity … Read More “Blind Eagle’s Five Clusters Target Colombia Using RATs, Phishing Lures, and Dynamic DNS Infra  – The Hacker News” »

A widespread data theft campaign has allowed hackers to breach sales automation platform Salesloft to steal OAuth and refresh tokens associated with the Drift artificial intelligence (AI) chat agent. The activity, assessed to be opportunistic in nature, has been attributed to a threat actor tracked by Google Threat Intelligence Group and Mandiant, tracked as UNC6395. … Read More “Salesloft OAuth Breach via Drift AI Chat Agent Exposes Salesforce Customer Data  – The Hacker News” »

Citrix and cybersecurity researchers warn a critical, zero-day vulnerability affecting multiple versions of Citrix NetScaler products is under active exploitation. Citrix issued a security bulletin about the vulnerability — CVE-2025-7775 — and urged customers on affected versions to install upgrades Tuesday. The memory-overflow vulnerability, which has an initial CVSS rating of 9.2, can be exploited … Read More “Citrix NetScaler customers hit by third actively exploited zero-day vulnerability since June  – CyberScoop” »

Google Threat Intelligence Group warned about a “widespread data theft campaign” that compromised hundreds of Salesforce customers over a 10-day span earlier this month.  According to a report published Thursday, researchers say a threat group Google tracks as UNC6395 stole large volumes of data from Salesforce customer instances by using stolen OAuth tokens from Salesloft … Read More “Hundreds of Salesforce customers impacted by attack spree linked to third-party AI agent  – CyberScoop” »

The post DOGE employees uploaded Social Security database to ‘vulnerable’ cloud, agency whistleblower says appeared first on CyberScoop.   – Read More  – CyberScoop 

Researchers at cybersecurity firm ESET claim to have identified the first piece of AI-powered ransomware in the wild. The malware, called PromptLock, essentially functions as a hard-coded prompt injection attack on a large language model, causing the model to assist in carrying out a ransomware attack. Written in Golang programming code, the malware sends its … Read More “Researchers flag code that uses AI systems to carry out ransomware attacks  – CyberScoop” »

Zscaler reports 77 Android apps on Google Play with 19 million installs spread malware, hitting 831 banks and…  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

A court injunction in the long fight between Fortnite publisher Epic Games and Google could have “catastrophic results for the nation’s security” and “risks creating massive cybersecurity vulnerabilities in the online ecosystem,” a group of former top government officials said in a filing Monday. At issue, they wrote, is a district court injunction requiring Google … Read More “Court ruling in Epic-Google fight could have ‘catastrophic’ cyber consequences, former gov’t officials say  – CyberScoop” »

A team of academics has devised a novel attack that can be used to downgrade a 5G connection to a lower generation without relying on a rogue base station (gNB). The attack, per the ASSET (Automated Systems SEcuriTy) Research Group at the Singapore University of Technology and Design (SUTD), relies on a new open-source software … Read More “New Sni5Gect Attack Crashes Phones and Downgrades 5G to 4G without Rogue Base Station  – The Hacker News” »

Citrix has released fixes to address three security flaws in NetScaler ADC and NetScaler Gateway, including one that it said has been actively exploited in the wild. The vulnerabilities in question are listed below – CVE-2025-7775 (CVSS score: 9.2) – Memory overflow vulnerability leading to Remote Code Execution and/or Denial-of-Service CVE-2025-7776 (CVSS score: 8.8) – … Read More “Citrix Patches Three NetScaler Flaws, Confirms Active Exploitation of CVE-2025-7775  – The Hacker News” »

In episode 65 of The AI Fix, a pigeon gives a PowerPoint presentation, Mark plays Graham a song about the Transformer architecture, a robot dog delivers parcels, some robots fall over at the World Humanoid Robot Games, and Graham takes credit for one of computing’s greatest insights. Plus, Graham explains why Microsoft doesn’t want you … Read More “The AI Fix #65: Excel Copilot will wreck your data, and can AI fix social media?  – Graham Cluley” »

The cybersecurity community on Reddit responded in disbelief this month when a self-described Air National Guard member with top secret security clearance began questioning the arrangement they’d made with company called DSLRoot, which was paying $250 a month to plug a pair of laptops into the Redditor’s high-speed Internet connection in the United States. This … Read More “DSLRoot, Proxies, and the Threat of ‘Legal Botnets’  – Krebs on Security” »

A suspected hacker, believed to be the mastermind behind an organised campaign of attacks that stole millions of dollars worth of stocks from celebrities, including BTS singer Jung Kook, has been extradited to South Korea. Read more in my article on the Hot for Security blog.  – Read More  – Graham Cluley 

Incogni finds top foreign apps downloaded in the US harvest names, locations, and emails, sharing them with third parties for ads and profiling.  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

Cybersecurity researchers are calling attention to a sophisticated social engineering campaign that’s targeting supply chain-critical manufacturing companies with an in-memory malware dubbed MixShell. The activity has been codenamed ZipLine by Check Point Research. “Instead of sending unsolicited phishing emails, attackers initiate contact through a company’s public ‘Contact Us’ form, tricking  – Read More  – The … Read More “MixShell Malware Delivered via Contact Forms Targets U.S. Supply Chain Manufacturers  – The Hacker News” »

A new large-scale campaign has been observed exploiting over 100 compromised WordPress sites to direct site visitors to fake CAPTCHA verification pages that employ the ClickFix social engineering tactic to deliver information stealers, ransomware, and cryptocurrency miners. The large-scale cybercrime campaign, first detected in August 2025, has been codenamed ShadowCaptcha by the Israel National  – … Read More “ShadowCaptcha Exploits WordPress Sites to Spread Ransomware, Info Stealers, and Crypto Miners  – The Hacker News” »

Zimperium’s research reveals the Hook Android malware is now a hybrid threat, using ransomware and spyware to steal…  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

Silver Spring, USA / Maryland, 26th August 2025, CyberNewsWire  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

Menlo Park, United States, 26th August 2025, CyberNewsWire  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto