BlackSuit’s technical infrastructure was seized in a globally coordinated takedown operation last month that authorities touted as a significant blow in the fight against cybercrime. The ransomware group’s leak site has displayed a seizure notice since July 24. The takedown followed a long investigation, which allowed authorities to confiscate “considerable amounts of data,” and identify … Read More “Details emerge on BlackSuit ransomware takedown – CyberScoop” »
Author: Matt Kapko
New JSCEAL Malware Targets Millions via Fake Crypto App Ads – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
JSCEAL malware targets millions using fake crypto app ads to steal wallets and data. Users urged to stay alert and avoid downloading from untrusted sources. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
NVIDIA Triton Bugs Let Unauthenticated Attackers Execute Code and Hijack AI Servers – The Hacker News
A newly disclosed set of security flaws in NVIDIA’s Triton Inference Server for Windows and Linux, an open-source platform for running artificial intelligence (AI) models at scale, could be exploited to take over susceptible servers. “When chained together, these flaws can potentially allow a remote, unauthenticated attacker to gain complete control of the server, achieving … Read More “NVIDIA Triton Bugs Let Unauthenticated Attackers Execute Code and Hijack AI Servers – The Hacker News” »
Vietnamese Hackers Use PXA Stealer, Hit 4,000 IPs and Steal 200,000 Passwords Globally – The Hacker News
Cybersecurity researchers are calling attention to a new wave of campaigns distributing a Python-based information stealer called PXA Stealer. The malicious activity has been assessed to be the work of Vietnamese-speaking cybercriminals who monetize the stolen data through a subscription-based underground ecosystem that automates the resale and reuse via Telegram APIs, according to a joint … Read More “Vietnamese Hackers Use PXA Stealer, Hit 4,000 IPs and Steal 200,000 Passwords Globally – The Hacker News” »
Python-based PXA Stealer has stolen data from more than 4000 victims in over 62 countries, according to SentinelLabs – Read More –
PlayPraetor Android Trojan Infects 11,000+ Devices via Fake Google Play Pages and Meta Ads – The Hacker News
Cybersecurity researchers have discovered a nascent Android remote access trojan (RAT) called PlayPraetor that has infected more than 11,000 devices, primarily across Portugal, Spain, France, Morocco, Peru, and Hong Kong. “The botnet’s rapid growth, which now exceeds 2,000 new infections per week, is driven by aggressive campaigns focusing on Spanish and French speakers, indicating a … Read More “PlayPraetor Android Trojan Infects 11,000+ Devices via Fake Google Play Pages and Meta Ads – The Hacker News” »
Local Government Cybersecurity: Why Municipal Systems Need Extra Protection – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Cybersecurity threats to local governments are part of life in the digital environment in which people live today.… – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
The Senate voted to confirm Sean Cairncross as national cyber director Saturday, giving the Trump administration one of its top cyber officials after a more than five-month process. The vote was 59-35. President Donald Trump nominated Cairncross on Feb. 12. The Senate Homeland Security and Governmental Affairs Committee held a hearing on his nomination in … Read More “Senate confirms national cyber director pick Sean Cairncross – CyberScoop” »
North Korean operatives seeking and gaining technical jobs with foreign companies kept CrowdStrike busy, accounting for almost one incident response case or investigation per day in the past year, the company said in its annual threat hunting report released Monday. “We saw a 220% year-over-year increase in the last 12 months of Famous Chollima activity,” … Read More “CrowdStrike investigated 320 North Korean IT worker cases in the past year – CyberScoop” »
Everyone’s an IT decision-maker now. The employees in your organization can install a plugin with just one click, and they don’t need to clear it with your team first. It’s great for productivity, but it’s a serious problem for your security posture. When the floodgates of SaaS and AI opened, IT didn’t just get democratized, … Read More “The Wild West of Shadow IT – The Hacker News” »
Early Bird Registration Now Open for The Inaugural OpenSSL Conference 2025 – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Newark, United States, 4th August 2025, CyberNewsWire – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Some of the most devastating cyberattacks don’t rely on brute force, but instead succeed through stealth. These quiet intrusions often go unnoticed until long after the attacker has disappeared. Among the most insidious are man-in-the-middle (MITM) attacks, where criminals exploit weaknesses in communication protocols to silently position themselves between two unsuspecting parties – Read More … Read More “Man-in-the-Middle Attack Prevention Guide – The Hacker News” »
Bitdefender Warns Users to Update Dahua Cameras Over Critical Flaws – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Security researchers at Bitdefender have found two critical vulnerabilities (CVE-2025-31700, CVE-2025-31701) in popular Dahua security cameras, including the Hero C1 model. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
⚡ Weekly Recap: VPN 0-Day, Encryption Backdoor, AI Malware, macOS Flaw, ATM Hack & More – The Hacker News
Malware isn’t just trying to hide anymore—it’s trying to belong. We’re seeing code that talks like us, logs like us, even documents itself like a helpful teammate. Some threats now look more like developer tools than exploits. Others borrow trust from open-source platforms, or quietly build themselves out of AI-written snippets. It’s not just about … Read More “⚡ Weekly Recap: VPN 0-Day, Encryption Backdoor, AI Malware, macOS Flaw, ATM Hack & More – The Hacker News” »
LegalPwn Attack Tricks GenAI Tools Into Misclassifying Malware as Safe Code – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
A new security flaw, LegalPwn, exploits a weakness in generative AI tools like GitHub Copilot and ChatGPT, where malicious code is disguised as legal disclaimers. Learn why human oversight is now more critical than ever for AI security. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
With the changing needs of customers and the emergence of an increasingly digital financial service industry, Open Banking has… The post Open Banking: Balancing Innovation & Risk appeared first on JISA Softech Pvt Ltd. – Read More – JISA Softech Pvt Ltd
CrowdStrike revealed the surge in cloud intrusions was partly driven by a 40% increase in Chinese-state actors exploiting these environments – Read More –
The Pwn2Own competition is offering a $1m reward to any teams able to unearth a WhatsApp code execution exploit – Read More –
Arctic Wolf has spotted an increase in Akira ransomware attacks targeting SonicWall SSL VPNs – Read More –
Web traffic to AI sites surged 50% from Feb 2024 to Jan 2025, driven by browser-based GenAI tools – Read More –
Forescout also observed a big rise in CVEs added to CISA’s KEV catalog, some of which impacted end-of-life products – Read More –
Posted by Apple Product Security via Fulldisclosure on Aug 02 APPLE-SA-07-30-2025-1 Safari 18.6 Safari 18.6 addresses the following issues. Information about the security content is also available at https://support.apple.com/124152. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. libxml2 Available for: macOS Ventura and macOS Sonoma Impact: … Read More “APPLE-SA-07-30-2025-1 Safari 18.6 – Full Disclosure” »
Rtpengine: RTP Inject and RTP Bleed vulnerabilities despite proper configuration (CVSS v4.0 Score: 9.3 / Critical) – Full Disclosure
Posted by Sandro Gauci via Fulldisclosure on Aug 02 Rtpengine: RTP Inject and RTP Bleed vulnerabilities despite proper configuration (CVSS v4.0 Score: 9.3 / Critical) – CVSS v4.0 – Exploitability: High – Complexity: Low – Vulnerable system: Medium – Subsequent system: Medium – Exploitation: High – Security requirements: High – Vector: https://www.first.org/cvss/calculator/4-0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:H/SI:H/SA:H – Other … Read More “Rtpengine: RTP Inject and RTP Bleed vulnerabilities despite proper configuration (CVSS v4.0 Score: 9.3 / Critical) – Full Disclosure” »
New Attack Uses Windows Shortcut Files to Install REMCOS Backdoor – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Security firm Point Wild has exposed a new malware campaign using malicious LNK files to install the REMCOS backdoor. This report details how attackers disguise files to gain full system control. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
CL-STA-0969 Installs Covert Malware in Telecom Networks During 10-Month Espionage Campaign – The Hacker News
Telecommunications organizations in Southeast Asia have been targeted by a state-sponsored threat actor known as CL-STA-0969 to facilitate remote control over compromised networks. Palo Alto Networks Unit 42 said it observed multiple incidents in the region, including one aimed at critical telecommunications infrastructure between February and November 2024. The attacks are characterized by the – … Read More “CL-STA-0969 Installs Covert Malware in Telecom Networks During 10-Month Espionage Campaign – The Hacker News” »
New ‘Plague’ PAM Backdoor Exposes Critical Linux Systems to Silent Credential Theft – The Hacker News
Cybersecurity researchers have flagged a previously undocumented Linux backdoor dubbed Plague that has managed to evade detection for a year. “The implant is built as a malicious PAM (Pluggable Authentication Module), enabling attackers to silently bypass system authentication and gain persistent SSH access,” Nextron Systems researcher Pierre-Henri Pezier said. Pluggable Authentication Modules – Read More … Read More “New ‘Plague’ PAM Backdoor Exposes Critical Linux Systems to Silent Credential Theft – The Hacker News” »
US Government Begins $200M Payouts to Backpage Trafficking Victims – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
The US DOJ has announced the largest-ever compensation process for human trafficking victims of Backpage. Learn about the $200M fund, who is eligible, and the steps to file a petition before the February 2, 2026, deadline. This comes years after the site’s seizure, as previously reported by Hackread.com. – Read More – Hackread – Latest … Read More “US Government Begins $200M Payouts to Backpage Trafficking Victims – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto” »
Why Cybersecurity Should Be a Board-Level Priority in Every Company – Perspective from Serhii Mikhalap – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Cybersecurity is no longer a technical afterthought, thanks to today’s interconnected world. It’s a boardroom imperative. As online… – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Akira Ransomware Exploits SonicWall VPNs in Likely Zero-Day Attack on Fully-Patched Devices – The Hacker News
SonicWall SSL VPN devices have become the target of Akira ransomware attacks as part of a newfound surge in activity observed in late July 2025. “In the intrusions reviewed, multiple pre-ransomware intrusions were observed within a short period of time, each involving VPN access through SonicWall SSL VPNs,” Arctic Wolf Labs researcher Julian Tuin said … Read More “Akira Ransomware Exploits SonicWall VPNs in Likely Zero-Day Attack on Fully-Patched Devices – The Hacker News” »
Threat researchers at AimLabs on Friday disclosed a data-poisoning attack affecting the AI-powered code editing software Cursor that would have given an attacker remote code execution privileges over user devices. According to AimLabs, the flaw was reported to Cursor on July 7 and a patch was included in an update one day later for version … Read More “Cursor’s AI coding agent morphed ‘into local shell’ with one-line prompt attack – CyberScoop” »
Social engineering — an expanding variety of methods that attackers use to trick professionals to gain access to their organizations’ core data and systems — is now the top intrusion point globally, attracting an array of financially motivated and nation-state backed threat groups. More than one-third (36%) of the incident response cases Palo Alto Networks’ … Read More “Social engineering attacks surged this past year, Palo Alto Networks report finds – CyberScoop” »
Cursor AI Code Editor Fixed Flaw Allowing Attackers to Run Commands via Prompt Injection – The Hacker News
Cybersecurity researchers have disclosed a now-patched, high-severity security flaw in Cursor, a popular artificial intelligence (AI) code editor, that could result in remote code execution. The vulnerability, tracked as CVE-2025-54135 (CVSS score: 8.6), has been addressed in version 1.3 released on July 29, 2025. It has been codenamed CurXecute by Aim Labs, which previously disclosed EchoLeak. … Read More “Cursor AI Code Editor Fixed Flaw Allowing Attackers to Run Commands via Prompt Injection – The Hacker News” »
Comp AI secures $2.6M pre-seed to disrupt SOC 2 market – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
San Francisco, California, 1st August 2025, CyberNewsWire – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Cybersecurity researchers have detailed a new cluster of activity where threat actors are impersonating enterprises with fake Microsoft OAuth applications to facilitate credential harvesting as part of account takeover attacks. “The fake Microsoft 365 applications impersonate various companies, including RingCentral, SharePoint, Adobe, and Docusign,” Proofpoint said in a Thursday report. The – Read More – … Read More “Attackers Use Fake OAuth Apps with Tycoon Kit to Breach Microsoft 365 Accounts – The Hacker News” »
U.S. intelligence agencies launched cyberattacks on two Chinese military enterprises dating back to 2022, in one case exploiting a Microsoft zero-day, China alleged Friday. The Cyber Security Association of China said that in the first case, U.S. agencies from July of 2022 to July of 2023 “exploited a zero-day vulnerability in Microsoft Exchange Mail to … Read More “China accuses US of exploiting Microsoft zero-day in cyberattack – CyberScoop” »
AI-Generated Malicious npm Package Drains Solana Funds from 1,500+ Before Takedown – The Hacker News
Cybersecurity researchers have flagged a malicious npm package that was generated using artificial intelligence (AI) and concealed a cryptocurrency wallet drainer. The package, @kodane/patch-manager, claims to offer “advanced license validation and registry optimization utilities for high-performance Node.js applications.” It was uploaded to npm by a user named “Kodane” on July 28, 2025. The – Read … Read More “AI-Generated Malicious npm Package Drains Solana Funds from 1,500+ Before Takedown – The Hacker News” »
You Are What You Eat: Why Your AI Security Tools Are Only as Strong as the Data You Feed Them – The Hacker News
Just as triathletes know that peak performance requires more than expensive gear, cybersecurity teams are discovering that AI success depends less on the tools they deploy and more on the data that powers them. The junk food problem in cybersecurity: Imagine a triathlete who spares no expense on equipment—carbon fiber bikes, hydrodynamic wetsuits, precision GPS … Read More “You Are What You Eat: Why Your AI Security Tools Are Only as Strong as the Data You Feed Them – The Hacker News” »
Microsoft has observed Russian state actor Secret Blizzard using an AiTM position to gain initial access, assisted by official domestic intercept systems – Read More –
Spikes in attacker activity precede the disclosure of vulnerabilities 80% of the time, according to a new GreyNoise report – Read More –
Comment Now! NIST Internal Report 8536, Supply Chain Traceability: Manufacturing Meta-Framework (Second Public Draft) – News and Events Feed by Topic
The NIST National Cybersecurity Center of Excellence (NCCoE) has released a second public draft of NIST Internal Report 8536, Supply Chain Traceability: Manufacturing Meta-Framework for public comment. We thank everyone who submitted comments on the – Read More – News and Events Feed by Topic
Storm-2603 Deploys DNS-Controlled Backdoor in Warlock and LockBit Ransomware Attacks – The Hacker News
The threat actor linked to the exploitation of the recently disclosed security flaws in Microsoft SharePoint Server is using a bespoke command-and-control (C2) framework called AK47 C2 (also spelled ak47c2) in its operations. The framework includes at least two different types of clients, HTTP-based and Domain Name System (DNS)-based, which have been dubbed AK47HTTP and … Read More “Storm-2603 Deploys DNS-Controlled Backdoor in Warlock and LockBit Ransomware Attacks – The Hacker News” »
Flashpoint data reveals an 800% increase in credentials stolen via infostealers in just six months – Read More –
The UK’s AI Security Institute has announced a new AI misalignment research program – Read More –
If you just want to read the rules, you can find them here. Last year, we moved our consumer-focused Pwn2Own event to our offices in Cork, Ireland, and the event could not have gone better. Despite some dreary Irish skies, much fun was had as researchers from around the world demonstrated their best exploits – … Read More “Pwn2Own Returns to Ireland with a One Million Dollar WhatsApp Target – Zero Day Initiative – Blog” »
Everest Ransomware Claims Mailchimp as New Victim in Relatively Small Breach – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Everest ransomware claims Mailchimp breach, leaks 943,000 lines of data. While limited in size, it adds to a spike in global ransomware activity this July. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
OnlyFans, Discord ClickFix-Themed Pages Spread Epsilon Red Ransomware – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Beware of Epsilon Red ransomware as attackers impersonate Discord, Twitch and OnlyFans using fake verification pages with .HTA files and ActiveX to spread malware. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
The Russian nation-state threat actor known as Secret Blizzard has been observed orchestrating a new cyber espionage campaign targeting foreign embassies located in Moscow by means of an adversary-in-the-middle (AitM) attack at the Internet Service Provider (ISP) level and delivering a custom malware dubbed ApolloShadow. “ApolloShadow has the capability to install a trusted root certificate … Read More “Secret Blizzard Deploys Malware in ISP-Level AitM Attacks on Moscow Embassies – The Hacker News” »
Security Operations Centers (SOCs) are stretched to their limits. Log volumes are surging, threat landscapes are growing more complex, and security teams are chronically understaffed. Analysts face a daily battle with alert noise, fragmented tools, and incomplete data visibility. At the same time, more vendors are phasing out their on-premises SIEM solutions, encouraging migration to … Read More “Alert Fatigue, Data Overload, and the Fall of Traditional SIEMs – The Hacker News” »