Author: Joe-W

As security professionals, it’s easy to get caught up in a race to counter the latest advanced adversary techniques. Yet the most impactful attacks often aren’t from cutting-edge exploits, but from cracked credentials and compromised accounts. Despite widespread awareness of this threat vector, Picus Security’s Blue Report 2025 shows that organizations continue to struggle with … Read More “Weak Passwords and Compromised Accounts: Key Findings from the Blue Report 2025  – The Hacker News” »

A 20-year-old member of the notorious cybercrime gang known as Scattered Spider has been sentenced to ten years in prison in the U.S. in connection with a series of major hacks and cryptocurrency thefts. Noah Michael Urban pleaded guilty to charges related to wire fraud and aggravated identity theft back in April 2025. News of … Read More “Scattered Spider Hacker Gets 10 Years, $13M Restitution for SIM Swapping Crypto Theft  – The Hacker News” »

Apple has released security updates to address a security flaw impacting iOS, iPadOS, and macOS that it said has come under active exploitation in the wild. The zero-day out-of-bounds write vulnerability, tracked as CVE-2025-43300, resides in the ImageIO framework that could result in memory corruption when processing a malicious image. “Apple is aware of a … Read More “Apple Patches CVE-2025-43300 Zero-Day in iOS, iPadOS, and macOS Exploited in Targeted Attacks  – The Hacker News” »

In episode 431 of the “Smashing Security” podcast, a self-proclaimed crypto-influencer calling himself CP3O thought he had found a shortcut to riches — by racking up millions in unpaid cloud bills. Meanwhile, we look at the growing threat of EDR-killer tools that can quietly switch off your endpoint protection before an attack even begins. And … Read More “Smashing Security podcast #431: How to mine millions without paying the bill  – Graham Cluley” »

FBI and Cisco warn Russian hackers are exploiting a 7-year-old Cisco Smart Install vulnerability on outdated routers and…  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

A Russian state-sponsored cyber espionage group known as Static Tundra has been observed actively exploiting a seven-year-old security flaw in Cisco IOS and Cisco IOS XE software as a means to establish persistent access to target networks. Cisco Talos, which disclosed details of the activity, said the attacks single out organizations in telecommunications, higher education … Read More “FBI Warns FSB-Linked Hackers Exploiting Unpatched Cisco Devices for Cyber Espionage  – The Hacker News” »

Popular password manager plugins for web browsers have been found susceptible to clickjacking security vulnerabilities that could be exploited to steal account credentials, two-factor authentication (2FA) codes, and credit card details under certain conditions. The technique has been dubbed Document Object Model (DOM)-based extension clickjacking by independent security researcher Marek Tóth,  – Read More  – … Read More “DOM-Based Extension Clickjacking Exposes Popular Password Managers to Credential and Data Theft  – The Hacker News” »

Frankfurt am Main, Germany, 20th August 2025, CyberNewsWire  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

Doctor Web warns of Android.Backdoor.916.origin, a fake antivirus app that spies on Russian users by stealing data, streaming…  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

A Russian state-sponsored espionage group has been systematically compromising network devices worldwide for over a decade, exploiting a seven-year-old vulnerability to steal sensitive data and establish persistent access to organizations across multiple sectors, according to new research from Cisco Talos Intelligence. The group, designated “Static Tundra” by Cisco Talos, is linked to the Russian Federal … Read More “Russian cyber group exploits seven-year-old network vulnerabilities for long-term espionage  – CyberScoop” »

A Russian state-sponsored espionage group has been systematically compromising network devices worldwide for over a decade, exploiting a seven-year-old vulnerability to steal sensitive data and establish persistent access to organizations across multiple sectors, according to new research from Cisco Talos Intelligence. The group, designated “Static Tundra” by Cisco Talos, is linked to the Russian Federal … Read More “Russian cyber group exploits seven-year-old network vulnerabilities for long-term espionage  – CyberScoop” »

A new report from Red Canary reveals a clever Linux malware called DripDropper that exploits a flaw and…  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

Cybersecurity researchers have demonstrated a new prompt injection technique called PromptFix that tricks a generative artificial intelligence (GenAI) model into carrying out intended actions by embedding the malicious instruction inside a fake CAPTCHA check on a web page. Described by Guardio Labs an “AI-era take on the ClickFix scam,” the attack technique demonstrates how AI-driven … Read More “Experts Find AI Browsers Can Be Tricked by PromptFix Exploit to Run Malicious Hidden Prompts  – The Hacker News” »

Disclosure: This article was provided by ANY.RUN. The information and analysis presented are based on their research and findings.  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

Scammers have been spotted abusing AI site builder Lovable to mimic trusted brands, steal credentials, drain crypto wallets,…  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

Do you know how many AI agents are running inside your business right now? If the answer is “not sure,” you’re not alone—and that’s exactly the concern. Across industries, AI agents are being set up every day. Sometimes by IT, but often by business units moving fast to get results. That means agents are running … Read More “🕵️ Webinar: Discover and Control Shadow AI Agents in Your Enterprise Before Hackers Do  – The Hacker News” »

Modern businesses face a rapidly evolving and expanding threat landscape, but what does this mean for your business? It means a growing number of risks, along with an increase in their frequency, variety, complexity, severity, and potential business impact. The real question is, “How do you tackle these rising threats?” The answer lies in having … Read More “From Impact to Action: Turning BIA Insights Into Resilient Recovery  – The Hacker News” »

The Committee on Foreign Investment in the United States just published its 2024 report, revealing once again that shielding U.S. tech from risky foreign investments was a critical focus for the interagency group that reviews investments in the United States for national security risks. But as U.S.-China tensions further intensify, bolstering these reviews is even … Read More “The U.S. should bolster investment reviews to combat China  – CyberScoop” »

North Korean threat actors have been attributed to a coordinated cyber espionage campaign targeting diplomatic missions in their southern counterpart between March and July 2025. The activity manifested in the form of at least 19 spear-phishing emails that impersonated trusted diplomatic contacts with the goal of luring embassy staff and foreign ministry personnel with convincing … Read More “North Korea Uses GitHub in Diplomat Cyber Attacks as IT Worker Scheme Hits 320+ Firms  – The Hacker News” »

A 22-year-old man from the U.S. state of Oregon has been charged with allegedly developing and overseeing a distributed denial-of-service (DDoS)-for-hire botnet called RapperBot. Ethan Foltz of Eugene, Oregon, has been identified as the administrator of the service, the U.S. Department of Justice (DoJ) said. The botnet has been used to carry out large-scale DDoS-for-hire … Read More “DOJ Charges 22-Year-Old for Running RapperBot Botnet Behind 370,000 DDoS Attacks  – The Hacker News” »

Authorities claim they’ve gained control of Rapper Bot and stopped attacks emanating from what they described as “among the most powerful DDoS botnets to have ever existed.”  The takeover and effective disruption of the botnet, also known as Eleven Eleven Botnet and CowBot, occurred after officials identified and served a warrant at the Oregon residence … Read More “Officials gain control of Rapper Bot DDoS botnet, charge lead developer and administrator  – CyberScoop” »

Threat actors are exploiting a nearly two-year-old security flaw in Apache ActiveMQ to gain persistent access to cloud Linux systems and deploy malware called DripDropper. But in an unusual twist, the unknown attackers have been observed patching the exploited vulnerability after securing initial access to prevent further exploitation by other adversaries and evade detection, Red … Read More “Apache ActiveMQ Flaw Exploited to Deploy DripDropper Malware on Cloud Linux Systems  – The Hacker News” »

Australian ISP iiNet confirms data breach as hackers stole 280,000 email accounts, phone numbers and user data using…  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

A hack of the Netherlands’ Public Prosecution Service has had an unusual side effect – causing some speed cameras to be no longer capturing evidence of motorists breaking the rules of the road. Read more in my article on the Hot for Security blog.  – Read More  – Graham Cluley 

Citizen Lab’s new report, Hidden Links, uncovers a network of VPN providers like Turbo VPN and VPN Monster…  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

In episode 64 of The AI Fix, AI discovers new physics, a robot crab looks for love on the beaches of Portugal, the “Godfather of AI” thinks our only hope is to build motherly AI, a robot folds some laundry, the UK government has a terrible idea, and our hosts discover a long lost sixties … Read More “The AI Fix #64: AI can be vaccinated against evil, and the “Rumble in the Silicon Jungle”  – Graham Cluley” »

Financial institutions like trading and brokerage firms are the target of a new campaign that delivers a previously unreported remote access trojan called GodRAT. The malicious activity involves the “distribution of malicious .SCR (screen saver) files disguised as financial documents via Skype messenger,” Kaspersky researcher Saurabh Sharma said in a technical analysis published today. The  … Read More “New GodRAT Trojan Targets Trading Firms Using Steganography and Gh0st RAT Code  – The Hacker News” »

Financial institutions like trading and brokerage firms are the target of a new campaign that delivers a previously unreported remote access trojan called GodRAT. The malicious activity involves the “distribution of malicious .SCR (screen saver) files disguised as financial documents via Skype messenger,” Kaspersky researcher Saurabh Sharma said in a technical analysis published today. The  … Read More “New GodRAT Trojan Targets Trading Firms Using Steganography and Gh0st RAT Code  – The Hacker News” »

The United Kingdom has withdrawn its demand that Apple create a backdoor to its encrypted cloud systems following months of diplomatic pressure from the United States, according to a statement from Director of National Intelligence Tulsi Gabbard. Gabbard announced the decision Monday on X, stating that the U.S. government had worked closely with British partners … Read More “UK abandons Apple backdoor demand after US diplomatic pressure  – CyberScoop” »