Author: djohnson

As the Department of Homeland Security seeks to transform a federal database for immigrant benefits into a supercharged database to search for noncitizen voters, a trio of Democratic senators are pressing the department for more information. Sens. Gary Peters, D-Mich., Alex Padilla, D-Calif., and Jeff Merkley, D-Ore., wrote to Homeland Security Secretary Kristi Noem on … Read More “Senate Democrats seek answers on Trump overhaul of immigrant database to find noncitizen voters  – CyberScoop” »

An international law enforcement operation conducted this week targeted the members of and infrastructure used by NoName057(16), a pro-Russian hacktivist group that has conducted distributed denial-of-service (DDoS) attacks across Europe since early 2022. Operation Eastwood disrupted over 100 servers worldwide and resulted in two arrests, seven international arrest warrants, and 24 house searches across multiple … Read More “Pro-Russian DDoS group NoName057(16) disrupted by international law enforcement operation  – CyberScoop” »

Police have struck a blow against the DiskStation ransomware gang which targets Synology NAS devices, and arresting its suspected ringleader. Make sure that you have properly hardened the security of your Network Access Storage devices to reduce the chances of your data being locked up by a ransomware attack. Read more in my article on … Read More “Police dismantle DiskStation ransomware gang targeting NAS devices, arrest suspected ringleader  – Graham Cluley” »

A threat activity cluster has been observed targeting fully-patched end-of-life SonicWall Secure Mobile Access (SMA) 100 series appliances as part of a campaign designed to drop a backdoor called OVERSTEP. The malicious activity, dating back to at least October 2024, has been attributed by the Google Threat Intelligence Group (GTIG) to a group it tracks … Read More “UNC6148 Backdoors Fully-Patched SonicWall SMA 100 Series Devices with OVERSTEP Rootkit  – The Hacker News” »

Disclosure: This article was provided by ANY.RUN. The information and analysis presented are based on their research and findings.  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

The modern marketing stack and every effective marketing platform runs on data. From ad campaigns to user journeys,…  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

Episource breach exposed data of 5.4M patients across the US. Linked to UnitedHealth’s Optum, the health tech firm was hit by a ransomware attack in early 2025.  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

The AI gold rush is on. But without identity-first security, every deployment becomes an open door. Most organizations secure native AI like a web app, but it behaves more like a junior employee with root access and no manager. From Hype to High Stakes Generative AI has moved beyond the hype cycle. Enterprises are: Deploying … Read More “AI Agents Act Like Employees With Root Access—Here’s How to Regain Control  – The Hacker News” »

Former US Army soldier Cameron Wagenius pleads guilty to hacking telecom companies and extorting $1 million+ using cybercrime forums like BreachForums and XSS.  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

Cybersecurity researchers have disclosed what they say is a “critical design flaw” in delegated Managed Service Accounts (dMSAs) introduced in Windows Server 2025. “The flaw can result in high-impact attacks, enabling cross-domain lateral movement and persistent access to all managed service accounts and their resources across Active Directory indefinitely,” Semperis said in a report shared … Read More “Critical Golden dMSA Attack in Windows Server 2025 Enables Cross-Domain Attacks and Persistent Access  – The Hacker News” »

Social engineering attacks have entered a new era—and they’re coming fast, smart, and deeply personalized. It’s no longer just suspicious emails in your spam folder. Today’s attackers use generative AI, stolen branding assets, and deepfake tools to mimic your executives, hijack your social channels, and create convincing fakes of your website, emails, and even voice. … Read More “Deepfakes. Fake Recruiters. Cloned CFOs — Learn How to Stop AI-Driven Attacks in Real Time  – The Hacker News” »

Cybersecurity researchers have discovered a new, sophisticated variant of a known Android malware referred to as Konfety that leverages the evil twin technique to enable ad fraud. The sneaky approach essentially involves a scenario wherein two variants of an application share the same package name: A benign “decoy” app that’s hosted on the Google Play … Read More “New Konfety Malware Variant Evades Detection by Manipulating APKs and Dynamic Code  – The Hacker News” »

Google on Tuesday rolled out fixes for six security issues in its Chrome web browser, including one that it said has been exploited in the wild. The high-severity vulnerability in question is CVE-2025-6558 (CVSS score: 8.8), which has been described as an incorrect validation of untrusted input in the browser’s ANGLE and GPU components. “Insufficient … Read More “Urgent: Google Releases Critical Chrome Update for CVE-2025-6558 Exploit Active in the Wild  – The Hacker News” »

Google on Tuesday revealed that its large language model (LLM)-assisted vulnerability discovery framework discovered a security flaw in the SQLite open-source database engine before it could have been exploited in the wild. The vulnerability, tracked as CVE-2025-6965 (CVSS score: 7.2), is a memory corruption flaw affecting all versions prior to 3.50.2. It was discovered by … Read More “Google AI “Big Sleep” Stops Exploitation of Critical SQLite Vulnerability Before Hackers Act  – The Hacker News” »

Fake Telegram apps are being spread through 607 malicious domains to deliver Android malware, using blog-style pages and phishing tactics to trick users.  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

A 21-year-old former Army soldier pleaded guilty Tuesday to charges stemming from a series of attacks and extortion attempts last year on telecommunications companies, including AT&T.  Cameron John Wagenius, who identified himself as “kiberphant0m” and “cyb3rph4nt0m” on online criminal forums, conducted extensive malicious activity for years, including while he was on active duty, the Justice … Read More “Former Army soldier pleads guilty to widespread attack spree linked to AT&T, Snowflake and others  – CyberScoop” »

Former White House national security adviser Mike Waltz brushed aside criticisms Tuesday that he put sensitive military operations at risk by holding discussions about military strikes in a Signal group chat, claiming the app’s use was authorized by the federal government’s top civilian cyber agency. In a Senate Foreign Relations Committee hearing, Waltz — who … Read More “Waltz brushes off SignalGate questions, points finger at CISA   – CyberScoop” »

Former White House national security adviser Mike Waltz brushed aside criticisms Tuesday that he put sensitive military operations at risk by holding discussions about military strikes in a Signal group chat, claiming the app’s use was authorized by the federal government’s top civilian cyber agency. In a Senate Foreign Relations Committee hearing, Waltz — who … Read More “Waltz brushes off SignalGate questions, points finger at CISA   – CyberScoop” »

AsyncRAT, the most prevalent remote access trojan observed in the wild, has spawned more than 30 forks and variants that increase the impact of the open-source malware, making it a popular and sometimes disguised tool of choice for cybercriminals, ESET researchers said in a report released Tuesday.  The open source remote access tool, which was … Read More “AsyncRAT seeds family of more than 30 remote access trojans  – CyberScoop” »

Beware! SVG images are now being used with obfuscated JavaScript for stealthy redirect attacks via spoofed emails. Get insights from Ontinue’s latest research on detection and defence.  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

Cloudflare on Tuesday said it mitigated 7.3 million distributed denial-of-service (DDoS) attacks in the second quarter of 2025, a significant drop from 20.5 million DDoS attacks it fended off the previous quarter. “Overall, in Q2 2025, hyper-volumetric DDoS attacks skyrocketed,” Omer Yoachimik and Jorge Pacheco said. “Cloudflare blocked over 6,500 hyper-volumetric DDoS attacks, an average … Read More “Hyper-Volumetric DDoS Attacks Reach Record 7.3 Tbps, Targeting Key Global Sectors  – The Hacker News” »

Cybersecurity researchers have shed light on a new ransomware-as-a-service (RaaS) operation called GLOBAL GROUP that has targeted a wide range of sectors in Australia, Brazil, Europe, and the United States since its emergence in early June 2025. GLOBAL GROUP was “promoted on the Ramp4u forum by the threat actor known as ‘$$$,’” EclecticIQ researcher Arda … Read More “Newly Emerged GLOBAL GROUP RaaS Expands Operations with AI-Driven Negotiation Tools  – The Hacker News” »

Microchip renewal scam targets UK pet owners using leaked data from insecure registries. Emails appear legit but aim to steal money and personal info.  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

A criminal investigation into Twitter has been initiated by French prosecutors, over allegations that its algorithm is manipulated for the purposes of “foreign interference.”  – Read More  – Graham Cluley 

Read more in my article on the Hot for Security blog.  – Read More  – Graham Cluley 

In episode 59 of The AI Fix, our hosts ponder whether AIs need a “disagreement dial”, Mark wonders what he could do with an AI-powered “drug design engine”, Graham plays Wolfenstein instead of working, a robot graduates from high school, and a popular rock group is unmasked as an AI fever dream. Graham explains why … Read More “The AI Fix #59: Grok thinks it’s Mecha Hitler, and AIs can think strategically  – Graham Cluley” »

In recent years, there has been an increase in interest in JavaScript engine vulnerabilities in order to compromise web browsers. Notably, vulnerabilities in JIT engines are among the most favorite ones as they tend to provide strong primitives, and well-known techniques are available to facilitate compromise. At Pwn2Own Berlin 2025, Manfred Paul compromised the Mozilla … Read More “CVE-2025-4919: Corruption via Math Space in Mozilla Firefox  – Zero Day Initiative – Blog” »

Meme coins started as internet jokes, but by 2025, they’ve become one of the most volatile and talked-about…  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

Paris, France, 15th July 2025, CyberNewsWire  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

Cybersecurity researchers have charted the evolution of a widely used remote access trojan called AsyncRAT, which was first released on GitHub in January 2019 and has since served as the foundation for several other variants. “AsyncRAT has cemented its place as a cornerstone of modern malware and as a pervasive threat that has evolved into … Read More “AsyncRAT’s Open-Source Code Sparks Surge in Dangerous Malware Variants Across the Globe  – The Hacker News” »

AI agents promise to automate everything from financial reconciliations to incident response. Yet every time an AI agent spins up a workflow, it has to authenticate somewhere; often with a high-privilege API key, OAuth token, or service account that defenders can’t easily see. These “invisible” non-human identities (NHIs) now outnumber human accounts in most cloud … Read More “Securing Agentic AI: How to Protect the Invisible Identity Access  – The Hacker News” »

Governmental organizations in Southeast Asia are the target of a new campaign that aims to collect sensitive information by means of a previously undocumented Windows backdoor dubbed HazyBeacon. The activity is being tracked by Palo Alto Networks Unit 42 under the moniker CL-STA-1020, where “CL” stands for “cluster” and “STA” refers to “state-backed motivation.” “The … Read More “State-Backed HazyBeacon Malware Uses AWS Lambda to Steal Data from SE Asian Governments  – The Hacker News” »