Palo Alto, USA, 29th March 2025, CyberNewsWire – Read More – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
In what’s an instance of hacking the hackers, threat hunters have managed to infiltrate the online infrastructure associated with a ransomware group called BlackLock, uncovering crucial information about their modus operandi in the process. Resecurity said it identified a security vulnerability in the data leak site (DLS) operated by the e-crime group that made it possible to extract – Read...
A recent analysis published by Infoblox reveals a sophisticated phishing operation, dubbed Morphing Meerkat, actively exploiting DNS vulnerabilities… – Read More – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
While inundated with ideas, you also need to consider how to present them effectively and structure the course… – Read More – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
Let’s face it: Rolling out new software across an entire organization can feel like herding cats. Between data… – Read More – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
Forescout researchers found multiple vulnerabilities in leading solar power system manufacturers, which could be exploited to cause emergencies and blackouts – Read More –
Claroty revealed that 89% of healthcare organizations use the top 1% of riskiest Internet-of-Medical-Things (IoMT) devices – Read More –
First reported earlier in March 2025, VanHelsing is a new ransomware-as-a-service operation. Read more in my article on the Tripwire State of Security blog. – Read More – Graham Cluley
Cybersecurity researchers have disclosed 46 new security flaws in products from three solar inverter vendors, Sungrow, Growatt, and SMA, that could be exploited by a bad actor to seize control of devices or execute code remotely, posing severe risks to electrical grids. The vulnerabilities have been collectively codenamed SUN:DOWN by Forescout Vedere Labs. “The new vulnerabilities can be – Read...
Cybersecurity researchers are calling attention to a new sophisticated malware called CoffeeLoader that’s designed to download and execute secondary payloads. The malware, according to Zscaler ThreatLabz, shares behavioral similarities with another known malware loader known as SmokeLoader. “The purpose of the malware is to download and execute second-stage payloads while evading – Read More – The Hacker News
Many cyber experts are panning a new Trump administration executive order that would shift more responsibilities for responding to cyberattacks to state and local governments, saying it will leave states holding the bag for a job they aren’t best equipped to handle. The executive order, issued last week, is entitled “Achieving Efficiency Through State and Local Preparedness.” Its stated purpose...
The phishing campaign is highly sophisticated! – Read More – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
Expert speakers discussed the impact of reported cutbacks to CISA on the ability of local officials to protect against surging cyber-attacks on US election infrastructure – Read More –
A PhaaS platform, dubbed ‘Morphing Meerkat,’ uses DNS MX records to spoof over 100 brands and steal credentials, according to Infoblox Threat Intel – Read More –
Long gone are the days when a simple backup in a data center was enough to keep a business secure. While backups store information, they do not guarantee business continuity during a crisis. With IT disasters far too common and downtime burning through budgets, modern IT environments require solutions that go beyond storage and enable instant recovery to minimize downtime...
An Android malware family previously observed targeting Indian military personnel has been linked to a new campaign likely aimed at users in Taiwan under the guise of chat apps. “PJobRAT can steal SMS messages, phone contacts, device and app information, documents, and media files from infected Android devices,” Sophos security researcher Pankaj Kohli said in a Thursday analysis. PJobRAT, first ...
Mozilla has released updates to address a critical security flaw impacting its Firefox browser for Windows, merely days after Google patched a similar flaw in Chrome that came under active exploitation as a zero-day. The security vulnerability, CVE-2025-2857, has been described as a case of an incorrect handle that could lead to a sandbox escape. “Following the recent Chrome sandbox...
Cybersecurity researchers have discovered several cryptocurrency packages on the npm registry that have been hijacked to siphon sensitive information such as environment variables from compromised systems. “Some of these packages have lived on npmjs.com for over 9 years, and provide legitimate functionality to blockchain developers,” Sonatype researcher Ax Sharma said. “However, […] the latest – Read More – The Hacker...
A vulnerability has been discovered in CrushFTP, which could allow for unauthorized access. CrushFTP is a proprietary multi-protocol, multi-platform file transfer server. The vulnerability is mitigated if the DMZ feature of CrushFTP is in place. Successful exploitation of this vulnerability could allow an attacker to remotely control the compromised server and execute remote code. An attacker could then install programs; view,...
Disney’s latest Snow White movie, with a 1.6/10 IMDb rating, isn’t just the biggest flop the company has… – Read More – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
Democratic commissioners on the Federal Trade Commission filed a lawsuit against President Donald Trump on Thursday, saying his administration’s attempts to fire them violate the FTC Act and Supreme Court precedent. The lawsuit, filed in the District Court for the District of Columbia, asks the court to declare the president’s actions unlawful, affirm the statutory rights of Alvaro Bedoya and...
OpenAI Bug Bounty program boosts max reward to $100,000, expanding scope and offering new incentives to enhance AI security and reliability. – Read More – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
Posted by Qualys Security Advisory via Fulldisclosure on Mar 27 Qualys Security Advisory Three bypasses of Ubuntu’s unprivileged user namespace restrictions ======================================================================== Contents ======================================================================== Summary Bypass via aa-exec Bypass via busybox Bypass via LD_PRELOAD Acknowledgments Timeline (advisory sent to the Ubuntu Security Team on January 15, 2025)… – Read More – Full Disclosure
Sometimes the simplest pieces of software can cause the most complex security headaches for organizations. Browser extensions, which can be bought, sold and repurposed without warning, are a blind spot for organizations — ignored and often left unrecognized as a hidden threat. John Tuckner, founder of the browser extension security company Secure Annex, recently demonstrated how quickly he bought and...
Discover the novel QWCrypt ransomware used by RedCurl in targeted hypervisor attacks. This article details their tactics, including… – Read More – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
Cybersecurity researchers have shed light on a new phishing-as-a-service (PhaaS) platform that leverages the Domain Name System (DNS) mail exchange (MX) records to serve fake login pages that impersonate about 114 brands. DNS intelligence firm Infoblox is tracking the actor behind the PhaaS, the phishing kit, and the related activity under the moniker Morphing Meerkat. “The threat actor behind –...
Many successful phishing attacks result in a financial loss or malware infection. But falling for some phishing scams, like those currently targeting Russians searching online for organizations that are fighting the Kremlin war machine, can cost you your freedom or your life. The real website of the Ukrainian paramilitary group “Freedom of Russia” legion. The text has been machine-translated from...
Newly identified CoffeeLoader uses multiple evasion techniques and persistence mechanisms to deploy payloads and bypass endpoint security – Read More –
PJobRAT malware targets Taiwan Android users, stealing data through fake messaging platforms – Read More –
Cary, North Carolina, 27th March 2025, CyberNewsWire – Read More – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
A new analysis has uncovered connections between affiliates of RansomHub and other ransomware groups like Medusa, BianLian, and Play. The connection stems from the use of a custom tool that’s designed to disable endpoint detection and response (EDR) software on compromised hosts, according to ESET. The EDR killing tool, dubbed EDRKillShifter, was first documented as used by RansomHub actors in ...
Use-after-free is a memory corruption condition where a program references memory after it has been released back to the allocator. Statically detecting these bugs can be challenging. In the past, several approaches have addressed this problem, such as GUEB by Josselin Feist and Sean Heelan’s work on Finding use-after-free bugs with static analysis. This blog post explores the usage of...
Cybersecurity researcher Jeremiah Fowler discovered a data exposure at Australian fintech Vroom by YouX, exposing 27,000 records, including driver’s licenses, bank statements, and more. – Read More – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
The ICO’s Deputy Commissioner told Infosecurity that organizations that fail to implement MFA and suffer a breach can expect heavy penalties – Read More –
An advanced persistent threat (APT) group with ties to Pakistan has been attributed to the creation of a fake website masquerading as India’s public sector postal system as part of a campaign designed to infect both Windows and Android users in the country. Cybersecurity company CYFIRMA has attributed the campaign with medium confidence to a threat actor called APT36, which...
Once considered inactive, the Chinese cyber espionage group FamousSparrow has reemerged, targeting organizations across the US, Mexico and Honduras – Read More –
Whether it’s CRMs, project management tools, payment processors, or lead management tools – your workforce is using SaaS applications by the pound. Organizations often rely on traditional CASB solutions for protecting against malicious access and data exfiltration, but these fall short for protecting against shadow SaaS, data damage, and more. A new report, Understanding SaaS Security Risks: Why – Read...
In an era where data breaches and cyber threats are on the rise, safeguarding sensitive information has become a… The post Vaultless Tokenization and Its Role in PCI DSS Compliance appeared first on JISA Softech Pvt Ltd. – Read More – JISA Softech Pvt Ltd
The UK’s National Crime Agency is warning of a growing cyber and physical threat from homegrown teens – Read More –
Hackers have long used Word and Excel documents as delivery vehicles for malware, and in 2025, these tricks are far from outdated. From phishing schemes to zero-click exploits, malicious Office files are still one of the easiest ways into a victim’s system. Here are the top three Microsoft Office-based exploits still making the rounds this year and what you need...
A YouTuber has unleashed an innovative AI bot army to disrupt and outwit the world of online scammers, and a New York Times investigation looks into the intricate web of global money laundering. All this and more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault. – Read...
The UK’s National Cyber Security Centre has released new guidance to help domain registrars enhance security – Read More –
According to some reports, Kuala Lumpur International Airport had to resort to using whiteboards to communicate with passengers. Read more in my article on the Hot for Security blog. – Read More – Graham Cluley
An ongoing campaign that infiltrates legitimate websites with malicious JavaScript injects to promote Chinese-language gambling platforms has ballooned to compromise approximately 150,000 sites to date. “The threat actor has slightly revamped their interface but is still relying on an iframe injection to display a full-screen overlay in the visitor’s browser,” c/side security analyst Himanshu – Read More – The Hacker...
A critical security flaw has been disclosed in NetApp SnapCenter that, if successfully exploited, could allow privilege escalation. SnapCenter is an enterprise-focused software that’s used to manage data protection across applications, databases, virtual machines, and file systems, offering the ability to backup, restore, and clone data resources. The vulnerability, tracked as – Read More – The Hacker News
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two six-year-old security flaws impacting Sitecore CMS and Experience Platform (XP) to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerabilities are listed below – CVE-2019-9874 (CVSS score: 9.8) – A deserialization vulnerability in the Sitecore.Security.AntiCSRF – Read More – The Hacker News
The Internet Archive (Archive.org), home to the Wayback Machine, is temporarily offline due to a reported power outage.… – Read More – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
Cybersecurity threats are evolving at an unprecedented pace, leaving organizations vulnerable to large-scale attacks. Security breaches and data… – Read More – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News
The Commerce Department plans to finalize economic sanctions this week on nearly 20 Chinese and Taiwanese organizations, citing the need to limit their access to U.S. cloud, artificial intelligence and quantum computing technologies. The sanctions, which will be detailed and published Friday in the Federal Register , would place additional license requirements on, and limit the availability of, license exceptions...
U.S. intelligence leaders found themselves under intensified scrutiny from Congress for a second straight day, following revelations that significant military plans were discussed over text messaging application Signal. Both Director of National Intelligence Tulsi Gabbard and CIA Director John Ratcliffe apologized during a House Intelligence Committee hearing Wednesday, yet continued to claim that no sources, methods, locations or war plans...
