The former general manager of defense contractor Trenchant has admitted selling zero-days to Russian broker
Author: Joe-W
If you live in the UK/EU/Canada/Hong Kong, LinkedIn has given you until Monday to stop AI from training on your profile. You have to opt-out if you don’t want this to happen to your data. Take action now, and tell your friends. Read more in my article on the Hot for Security blog. – Read … Read More “LinkedIn gives you until Monday to stop AI from training on your profile – Graham Cluley” »
The fast development of quantum computing opens unprecedented opportunities and serious threats to the current cybersecurity systems. Although quantum… The post How to Build a Quantum-Resilient Data Protection Strategy appeared first on JISA Softech Pvt Ltd. – Read More – JISA Softech Pvt Ltd
Posted by Aki Tuomi via Fulldisclosure on Oct 29 Affected product: Dovecot IMAP Server Internal reference: DOV-7830 Vulnerability type: CWE-1250 (Improper Preservation of Consistency Between Independent Representations of Shared State) Vulnerable version: 2.4.0, 2.4.1 Vulnerable component: auth Report confidence: Confirmed Solution status: Fixed in 2.4.2 Researcher credits: Erik <erik () broadlux com> Vendor notification: … Read More “Dovecot CVE-2025-30189: Auth cache causes access to wrong account – Full Disclosure” »
Re: : “Glass Cage” – Zero-Click iMessage → Persistent iOS Compromise + Bricking (CVE-2025-24085 / 24201, CNVD-2025-07885) – Full Disclosure
Posted by Christoph Gruber on Oct 29 It seems, the whole account is down – Read More – Full Disclosure
Re: [FD] : “Glass Cage” – Zero-Click iMessage → Persistent iOS Compromise + Bricking (CVE-2025-24085 / 24201, CNVD-2025-07885) – Full Disclosure
Posted by josephgoyd via Fulldisclosure on Oct 29 The exploit I caught in the wild and the flow of the attack chain are in this repo: https://github.com/JGoyd/Glass-Cage-iOS18-CVE-2025-24085-CVE-2025-24201 The report was constructed via log analysis. ——– Original Message ——– It seems, the whole account is down – Read More – Full Disclosure
SEC Consult SA-20251029-0 :: Unprotected NFC card manipulation leading to free top-up in GiroWeb Cashless Catering Solutions (only legacy customer infrastructure) – Full Disclosure
Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Oct 29 SEC Consult Vulnerability Lab Security Advisory < 20251029-0 > title: Unprotected NFC card manipulation leading to free top-up product: GiroWeb Cashless Catering Solutions vulnerable version: Only legacy customer infrastructure using outdated Legic Prime or other insecure NFC cards fixed version: – CVE… – … Read More “SEC Consult SA-20251029-0 :: Unprotected NFC card manipulation leading to free top-up in GiroWeb Cashless Catering Solutions (only legacy customer infrastructure) – Full Disclosure” »
Smashing Security podcast #441: Inside the mob’s million-dollar poker hack, and a Formula 1 fumble – Graham Cluley
Basketball stars have allegedly joined forces with the mafia to fleece high-rollers in a poker scam involving hacked shufflers, covert cameras, and an X-ray card table. Meanwhile, researchers have found they could poke around an FIA driver portal to pull up the personal details of Formula 1 megastars. All this and more is discussed in … Read More “Smashing Security podcast #441: Inside the mob’s million-dollar poker hack, and a Formula 1 fumble – Graham Cluley” »
Hackers Use NFC Relay Malware to Clone Tap-to-Pay Android Transactions – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More
A new investigation from mobile security firm Zimperium has revealed a fast-growing cybersecurity threat targeting Android users through… – Read More – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More
Microsoft Outage Hits Azure, 365, Xbox, Minecraft and More – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More
A major Microsoft outage has disrupted Azure, Microsoft 365, Xbox, and Minecraft worldwide after a configuration failure, with services now gradually recovering. – Read More – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More
Alleged 764 member faces up to 69 years in prison for string of suspected violent crimes – CyberScoop
A 19-year-old California man associated with the nihilistic violent extremist group 764 pleaded not guilty to multiple charges of animal crushing, sexual exploitation of a minor, possession of child sexual abuse material (CSAM), cyberstalking and interstate extortion in a federal court Tuesday. Tony Christopher Long of Porterville, Calif., allegedly committed the various criminal acts in … Read More “Alleged 764 member faces up to 69 years in prison for string of suspected violent crimes – CyberScoop” »
An ex-L3 Harris executive pleaded guilty to two counts of theft of trade secrets Wednesday, admitting to selling eight zero-day exploits to a Russian broker in exchange for millions of dollars. Peter Williams, 39, pleaded guilty in the District Court of the District of Columbia to two counts of theft of trade secrets. Court records … Read More “Ex-L3Harris exec pleads guilty to selling zero-day exploits to Russian broker – CyberScoop” »
The Trump administration’s zeal to stamp out diversity, equity and inclusion programs is affecting national cybersecurity research, as a key open-source security foundation announced it would reject federal grant funding. The Python Software Foundation (PSF), which promotes safe and secure Python coding practices and helps oversee PyPI, the world’s largest open-source code repository for Python, … Read More “Open-source security group pulls out of U.S. grant, citing DEI restrictions – CyberScoop” »
Sweet Security Brings Runtime-CNAPP Power to Windows – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More
Tel Aviv, Israel, 29th October 2025, CyberNewsWire – Read More – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More
Hackers Hijack Corporate XWiki Servers for Crypto Mining – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More
Hackers exploit critical XWiki flaw CVE-2025-24893 to hijack corporate servers for cryptomining, with active attacks confirmed by VulnCheck researchers. – Read More – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More
Google Chrome will enhance security with enforced HTTPS connections from version 154, set for release in October 2026
New AI-Targeted Cloaking Attack Tricks AI Crawlers Into Citing Fake Info as Verified Facts – The Hacker News
Cybersecurity researchers have flagged a new security issue in agentic web browsers like OpenAI ChatGPT Atlas that exposes underlying artificial intelligence (AI) models to context poisoning attacks. In the attack devised by AI security company SPLX, a bad actor can set up websites that serve different content to browsers and AI crawlers run by ChatGPT … Read More “New AI-Targeted Cloaking Attack Tricks AI Crawlers Into Citing Fake Info as Verified Facts – The Hacker News” »
Experts Reports Sharp Increase in Automated Botnet Attacks Targeting PHP Servers and IoT Devices – The Hacker News
Cybersecurity researchers are calling attention to a spike in automated attacks targeting PHP servers, IoT devices, and cloud gateways by various botnets such as Mirai, Gafgyt, and Mozi. “These automated campaigns exploit known CVE vulnerabilities and cloud misconfigurations to gain control over exposed systems and expand botnet networks,” the Qualys Threat Research Unit (TRU) said … Read More “Experts Reports Sharp Increase in Automated Botnet Attacks Targeting PHP Servers and IoT Devices – The Hacker News” »
The ongoing ‘PhantomRaven’ malicious campaign has infected 126 npm packages to date, representing 86,000 downloads
A rise in attacks on PHP servers, IoT devices and cloud gateways is linked to botnets exploiting flaws, according to new research published by Qualys
How High-Tech Finance Companies Turn Innovation Into Influence – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More
Your main rival in the fintech space just raised $20 million in a very successful Series B funding… – Read More – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More
Russian Hackers Target Ukrainian Organizations Using Stealthy Living-Off-the-Land Tactics – The Hacker News
Organizations in Ukraine have been targeted by threat actors of Russian origin with an aim to siphon sensitive data and maintain persistent access to compromised networks. The activity, according to a new report from the Symantec and Carbon Black Threat Hunter Team, targeted a large business services organization for two months and a local government … Read More “Russian Hackers Target Ukrainian Organizations Using Stealthy Living-Off-the-Land Tactics – The Hacker News” »
Preparing for the Digital Battlefield of 2026: Ghost Identities, Poisoned Accounts, & AI Agent Havoc – The Hacker News
BeyondTrust’s annual cybersecurity predictions point to a year where old defenses will fail quietly, and new attack vectors will surge. Introduction The next major breach won’t be a phished password. It will be the result of a massive, unmanaged identity debt. This debt takes many forms: it’s the “ghost” identity from a 2015 breach lurking … Read More “Preparing for the Digital Battlefield of 2026: Ghost Identities, Poisoned Accounts, & AI Agent Havoc – The Hacker News” »
Atroposia is a newly discovered modular RAT that uses encrypted channels and advanced theft capabilities to target credentials and crypto wallets
Artificial Intelligence (AI) is rapidly transforming Governance, Risk, and Compliance (GRC). It’s no longer a future concept—it’s here, and it’s already reshaping how teams operate. AI’s capabilities are profound: it’s speeding up audits, flagging critical risks faster, and drastically cutting down on time-consuming manual work. This leads to greater efficiency, higher accuracy, and a more … Read More “Discover Practical AI Tactics for GRC — Join the Free Expert Webinar – The Hacker News” »
The backbone breaker benchmark (b3) has been launched to enhance the security of LLMs within AI agents
The British Standards Institution claims business leaders aren’t focused enough on managing AI risk
10 npm Packages Caught Stealing Developer Credentials on Windows, macOS, and Linux – The Hacker News
Cybersecurity researchers have discovered a set of 10 malicious npm packages that are designed to deliver an information stealer targeting Windows, Linux, and macOS systems. “The malware uses four layers of obfuscation to hide its payload, displays a fake CAPTCHA to appear legitimate, fingerprints victims by IP address, and downloads a 24MB PyInstaller-packaged information stealer … Read More “10 npm Packages Caught Stealing Developer Credentials on Windows, macOS, and Linux – The Hacker News” »
Active Exploits Hit Dassault and XWiki — CISA Confirms Critical Flaws Under Attack – The Hacker News
Threat actors are actively exploiting multiple security flaws impacting Dassault Systèmes DELMIA Apriso and XWiki, according to alerts issued by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and VulnCheck. The vulnerabilities are listed below – CVE-2025-6204 (CVSS score: 8.0) – A code injection vulnerability in Dassault Systèmes DELMIA Apriso that could allow an attacker … Read More “Active Exploits Hit Dassault and XWiki — CISA Confirms Critical Flaws Under Attack – The Hacker News” »
Posted by Andrey Stoykov on Oct 28 # Exploit Title: Stored HTML Injection – Layout Functionality – totaljsv5013 # Date: 10/2025 # Exploit Author: Andrey Stoykov # Version: 5013 # Tested on: Debian 12 # Blog: https://msecureltd.blogspot.com/2025/10/friday-fun-pentest-series-45-stored.html Stored HTML Injection – Layout Functionality: Steps to Reproduce: 1. Login with user and visit “Layouts” 2. … Read More “Stored HTML Injection – Layout Functionality – totaljsv5013 – Full Disclosure” »
Posted by Andrey Stoykov on Oct 28 # Exploit Title: Stored Cross-Site Scripting (XSS) via SVG File Upload – totaljsv5013 # Date: 10/2025 # Exploit Author: Andrey Stoykov # Version: 5013 # Tested on: Debian 12 # Blog: https://msecureltd.blogspot.com/2025/10/friday-fun-pentest-series-46-stored.html Stored Cross-Site Scripting (XSS) via SVG File Upload: Steps to Reproduce: 1. Login with user … Read More “Stored Cross-Site Scripting (XSS) via SVG File Upload – totaljsv5013 – Full Disclosure” »
SEC Consult SA-20251027-0 :: Unauthenticated Local File Disclosure in MPDV Mikrolab MIP 2 / FEDRA 2 / HYDRA X Manufacturing Execution System #CVE-2025-12055 – Full Disclosure
Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Oct 28 SEC Consult Vulnerability Lab Security Advisory < 20251027-0 > title: Unauthenticated Local File Disclosure product: MPDV Mikrolab MIP 2 / FEDRA 2 / HYDRA X Manufacturing Execution System vulnerable version: 10.14.STD, MIP 2 / FEDRA 2 / HYDRA X with Servicepack 8 … Read More “SEC Consult SA-20251027-0 :: Unauthenticated Local File Disclosure in MPDV Mikrolab MIP 2 / FEDRA 2 / HYDRA X Manufacturing Execution System #CVE-2025-12055 – Full Disclosure” »
Re: [FD] : “Glass Cage” – Zero-Click iMessage → Persistent iOS Compromise + Bricking (CVE-2025-24085 / 24201, CNVD-2025-07885) – Full Disclosure
Posted by Noor Christensen on Oct 28 Hi Joseph, Looks like your post with the technical details is down; I’m getting a 404 since yesterday. — kchr – Read More – Full Disclosure
Posted by Andrey Stoykov on Oct 28 # Exploit Title: Current Password not Required When Changing Password – totaljsv5013 # Date: 10/2025 # Exploit Author: Andrey Stoykov # Version: 5013 # Tested on: Debian 12 # Blog: https://msecureltd.blogspot.com/2025/10/friday-fun-pentest-series-43-current.html Current Password not Required When Changing Password: Steps to Reproduce: 1. Login with user and click … Read More “Current Password not Required When Changing Password – totaljsv5013 – Full Disclosure” »
Posted by Andrey Stoykov on Oct 28 # Exploit Title: Stored Cross-Site Scripting (XSS) – Layout Functionality – totaljsv5013 # Date: 10/2025 # Exploit Author: Andrey Stoykov # Version: 5013 # Tested on: Debian 12 # Blog: https://msecureltd.blogspot.com/2025/10/friday-fun-pentest-series-44-stored.html Stored Cross-Site Scripting (XSS) – Layout Functionality: Steps to Reproduce: 1. Login with user and visit … Read More “Stored Cross-Site Scripting (XSS) – Layout Functionality – totaljsv5013 – Full Disclosure” »
Posted by Daniel Owens via Fulldisclosure on Oct 28 Struts2 has, since its inception and to today, contained a significant denial of service (DoS) vulnerability stemming from how the Struts2 default deserialiser parses and deserialises arrays, collections (including maps), and related objects. Specifically, Struts2 and related frameworks allow attackers to specify indices and adhere … Read More “Struts2 and Related Framework Array/Collection DoS – Full Disclosure” »
Aisuru, the botnet responsible for a series of record-smashing distributed denial-of-service (DDoS) attacks this year, recently was overhauled to support a more low-key, lucrative and sustainable business: Renting hundreds of thousands of infected Internet of Things (IoT) devices to proxy services that help cybercriminals anonymize their traffic. Experts say a glut of proxies from Aisuru … Read More “Aisuru Botnet Shifts from DDoS to Residential Proxies – Krebs on Security” »
Everest Leaks AT&T Records, Demands $1M for Dublin Airport Passenger Data – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More
Everest ransomware group leaks alleged AT&T Carrier data, demands $1 million for Dublin Airport files and $2 million for Air Arabia employee records. – Read More – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More
F5 CEO François Locoh-Donou said on a company earnings call that there were two categories of impact on customers following a nation-state attacker’s long-term, persistent access to its systems: widespread emergency updates to BIG-IP software and hardware, and customers whose configuration data was stolen during the attack. “We were very impressed frankly, with the speed … Read More “F5 asserts limited impact from prolonged nation-state attack on its systems – CyberScoop” »
New TEE.Fail Side-Channel Attack Extracts Secrets from Intel and AMD DDR5 Secure Enclaves – The Hacker News
A group of academic researchers from Georgia Tech, Purdue University, and Synkhronix have developed a side-channel attack called TEE.Fail that allows for the extraction of secrets from the trusted execution environment (TEE) in a computer’s main processor, including Intel’s Software Guard eXtensions (SGX) and Trust Domain Extensions (TDX) and AMD’s Secure Encrypted Virtualization with Secure … Read More “New TEE.Fail Side-Channel Attack Extracts Secrets from Intel and AMD DDR5 Secure Enclaves – The Hacker News” »
US Teen Indicted in 764 Network Case Involving Exploitation Crimes – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More
US teen indicted for involvement in extremist “764” network, accused of child exploitation, animal cruelty, and cyberstalking, says the Justice Department. – Read More – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More
New Android Trojan ‘Herodotus’ Outsmarts Anti-Fraud Systems by Typing Like a Human – The Hacker News
Cybersecurity researchers have disclosed details of a new Android banking trojan called Herodotus that has been observed in active campaigns targeting Italy and Brazil to conduct device takeover (DTO) attacks. “Herodotus is designed to perform device takeover while making first attempts to mimic human behaviour and bypass behaviour biometrics detection,” ThreatFabric said in a report … Read More “New Android Trojan ‘Herodotus’ Outsmarts Anti-Fraud Systems by Typing Like a Human – The Hacker News” »
Exclusive: OpenAI’s Atlas browser — and others — can be tricked by manipulated web content – CyberScoop
As AI browser agents enter the market promising to help people shop, hire employees or assist with other online tasks, security researchers are warning that the information these programs collect from the internet can be manipulated and corrupted without anyone ever realizing it. In new research shared exclusively with CyberScoop, AI cybersecurity firm SPLX highlighted … Read More “Exclusive: OpenAI’s Atlas browser — and others — can be tricked by manipulated web content – CyberScoop” »
A surge in fake investment platforms targeting cryptocurrency and forex markets has been driving a new wave of financial crime in Asia
Threat actors tied to North Korea have been observed targeting the Web3 and blockchain sectors as part of twin campaigns tracked as GhostCall and GhostHire. According to Kaspersky, the campaigns are part of a broader operation called SnatchCrypto that has been underway since at least 2017. The activity is attributed to a Lazarus Group sub-cluster … Read More “Researchers Expose GhostCall and GhostHire: BlueNoroff’s New Malware Chains – The Hacker News” »
A zero-day flaw in Chrome has been exploited by Mem3nt0 mori in Operation ForumTroll as part of a targeted espionage campaign
RedTiger Malware Steals Data, Discord Tokens and Even Webcam Images – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More
A new Python-based infostealer called RedTiger is targeting Discord gamers to steal authentication tokens, passwords, and payment information. Learn how the malware works, its evasion tactics, and essential security steps like enabling MFA. – Read More – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More
In episode 74 of The AI Fix, we meet Amazon’s AI-powered delivery glasses, an AI TV presenter who doesn’t exist, and an Ohio lawmaker who wants to stop people from marrying their chatbot. Also, we learn how Geoffrey Hinton and Steve Wozniak have teamed up with the unlikely coupling of will.i.am and Steve Bannon to … Read More “The AI Fix #74: AGI, LLM brain rot, and how to scam an AI browser – Graham Cluley” »
Cyber-related economic sanctions can alter adversary behavior, forcing underground networks to distance themselves from named actors
In cybersecurity, speed isn’t just a win — it’s a multiplier. The faster you learn about emerging threats, the faster you adapt your defenses, the less damage you suffer, and the more confidently your business keeps scaling. Early threat detection isn’t about preventing a breach someday: it’s about protecting the revenue you’re supposed to earn … Read More “Why Early Threat Detection Is a Must for Long-Term Business Growth – The Hacker News” »