Category: Attack Feeds

Introduction Financial institutions are facing a new reality: cyber-resilience has passed from being a best practice, to an operational necessity, to a prescriptive regulatory requirement. Crisis management or Tabletop exercises, for a long time relatively rare in the context of cybersecurity, have become required as a series of regulations has introduced this requirement to FSI … Read More “From Tabletop to Turnkey: Building Cyber Resilience in Financial Services  – The Hacker News” »

Time itself comes under attack as a state-backed hacking gang spends two years tunnelling toward a nation’s master clock — with chaos potentially only a tick away. Plus when ransomware negotiators turn to the dark side, what could possibly go wrong? All this and more is discussed in episode 442 of the “Smashing Security” podcast … Read More “Smashing Security podcast #442: The hack that messed with time, and rogue ransom where negotiators  – Graham Cluley” »

Bitdefender has once again been recognized as a Representative Vendor in the Gartner® Market Guide for Managed Detection and Response (MDR) — marking the fourth consecutive year of inclusion. According to Gartner, more than 600 providers globally claim to deliver MDR services, yet only a select few meet the criteria to appear in the Market … Read More “Bitdefender Named a Representative Vendor in the 2025 Gartner® Market Guide for Managed Detection and Response  – The Hacker News” »

The threat actor known as Curly COMrades has been observed exploiting virtualization technologies as a way to bypass security solutions and execute custom malware. According to a new report from Bitdefender, the adversary is said to have enabled the Hyper-V role on selected victim systems to deploy a minimalistic, Alpine Linux-based virtual machine. “This hidden … Read More “Hackers Weaponize Windows Hyper-V to Hide Linux VM and Evade EDR Detection  – The Hacker News” »

SonicWall has formally implicated state-sponsored threat actors as behind the September security breach that led to the unauthorized exposure of firewall configuration backup files. “The malicious activity – carried out by a state-sponsored threat actor – was isolated to the unauthorized access of cloud backup files from a specific cloud environment using an API call,” … Read More “SonicWall Confirms State-Sponsored Hackers Behind September Cloud Backup Breach  – The Hacker News” »

For the past week, domains associated with the massive Aisuru botnet have repeatedly usurped Amazon, Apple, Google and Microsoft in Cloudflare’s public ranking of the most frequently requested websites. Cloudflare responded by redacting Aisuru domain names from their top websites list. The chief executive at Cloudflare says Aisuru’s overlords are using the botnet to boost … Read More “Cloudflare Scrubs Aisuru Botnet from Top Domains List  – Krebs on Security” »

Nikkei confirms breach after a virus infected an employee PC, exposing 17,368 names and Slack chat histories. The media giant reported the incident voluntarily.  – Read More  – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More 

Congressional leaders are pressing federal agencies to provide more information on their plans to compete with China on a range of tech and cybersecurity issues, including a strategy for promoting American 6G telecommunications infrastructure and limiting Chinese tech in US supply chains. Representative Raja Krishnamoorthi, D-Ill., ranking member on the House Select Committee on the … Read More “Congressional leaders want an executive branch strategy on China 6G, tech supply chain  – CyberScoop” »

A federal judge has reimposed a sentence on Paige Thompson, the former Amazon Web Services engineer convicted in the 2019 Capital One data breach that compromised the personal information of more than 100 million people. U.S. District Judge Robert Lasnik sentenced Thompson to time served, plus five years of supervised release with three years of … Read More “Court reimposes original sentence for Capital One hacker   – CyberScoop” »

When a pair of high-profile internet outages took down large chunks of the internet last month, the events briefly brought hundreds of organizations to a near-halt and prevented millions of users from accessing core services for everyday business needs.  From Starbucks to crypto exchanges to the messaging app Signal, the outages rippled across nearly every … Read More “With each cloud outage, calls for government action grow louder   – CyberScoop” »

When a pair of high-profile internet outages took down large chunks of the internet last month, the events briefly brought hundreds of organizations to a near-halt and prevented millions of users from accessing core services for everyday business needs.  From Starbucks to crypto exchanges to the messaging app Signal, the outages rippled across nearly every … Read More “With each cloud outage, calls for government action grow louder   – CyberScoop” »

A Commerce Department office should investigate Chinese government-connected products in more than a dozen emerging industries for security threats, a group of House GOP committee leaders said in a letter they released Wednesday. In the missive, the lawmakers said the Office of Information and Communications Technology and Services has the power to both investigate and … Read More “House GOP leaders seek government probe, restrictions on Chinese-made tech  – CyberScoop” »

JFrog researchers found a critical RCE vulnerability (CVE-2025-11953) in the popular React Native CLI. Developers using versions 4.8.0-20.0.0-alpha.2 must update to patch the flaw.  – Read More  – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More 

The U.S. Treasury Department on Tuesday imposed sanctions against eight individuals and two entities within North Korea’s global financial network for laundering money for various illicit schemes, including cybercrime and information technology (IT) worker fraud. “North Korean state-sponsored hackers steal and launder money to fund the regime’s nuclear weapons program,” said Under Secretary of  – … Read More “U.S. Sanctions 10 North Korean Entities for Laundering $12.7M in Crypto and IT Fraud  – The Hacker News” »

Behind every alert is an analyst; tired eyes scanning dashboards, long nights spent on false positives, and the constant fear of missing something big. It’s no surprise that many SOCs face burnout before they face their next breach. But this doesn’t have to be the norm. The path out isn’t through working harder, but through … Read More “Why SOC Burnout Can Be Avoided: Practical Steps  – The Hacker News” »

Google on Wednesday said it discovered an unknown threat actor using an experimental Visual Basic Script (VB Script) malware dubbed PROMPTFLUX that interacts with its Gemini artificial intelligence (AI) model API to write its own source code for improved obfuscation and evasion. “PROMPTFLUX is written in VBScript and interacts with Gemini’s API to request specific … Read More “Google Uncovers PROMPTFLUX Malware That Uses Gemini AI to Rewrite Its Code Hourly  – The Hacker News” »

Norton finds a flaw in the new Midnight ransomware built from Babuk code and releases a free decryptor to help victims recover files without paying a ransom.  – Read More  – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More 

Cybersecurity researchers have disclosed a new set of vulnerabilities impacting OpenAI’s ChatGPT artificial intelligence (AI) chatbot that could be exploited by an attacker to steal personal information from users’ memories and chat histories without their knowledge. The seven vulnerabilities and attack techniques, according to Tenable, were found in OpenAI’s GPT-4o and GPT-5 models. OpenAI has  … Read More “Researchers Find ChatGPT Vulnerabilities That Let Attackers Trick AI Into Leaking Data  – The Hacker News” »

The federal cybersecurity system is weathering a series of crises that couldn’t have arrived at a worse time. The F5 security breach from Oct. 15, the proposed elimination of more than 1,000 jobs at the Cybersecurity and Infrastructure Security Agency (CISA), and the ongoing federal government shutdown have created a perfect storm that is not … Read More “How the F5 breach, CISA job cuts, and a government shutdown are eroding U.S. cyber readiness  – CyberScoop” »

New AWS report data reveals the top four security failure points in the cloud, including vulnerability exploitation (24%)…  – Read More  – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More 

Raise your hand if you’ve heard the myth, “Android isn’t secure.” Android phones, such as the Samsung Galaxy, unlock new ways of working. But, as an IT admin, you may worry about the security—after all, work data is critical. However, outdated concerns can hold your business back from unlocking its full potential. The truth is, … Read More “Securing the Open Android Ecosystem with Samsung Knox  – The Hacker News” »

Microsoft Teams vulnerabilities let attackers impersonate users, edit chat history, and spoof calls before Microsoft issued security fixes in late 2025.  – Read More  – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More 

A never-before-seen threat activity cluster codenamed UNK_SmudgedSerpent has been attributed as behind a set of cyber attacks targeting academics and foreign policy experts between June and August 2025, coinciding with heightened geopolitical tensions between Iran and Israel. “UNK_SmudgedSerpent leveraged domestic political lures, including societal change in Iran and investigation into the  – Read More  – … Read More “Mysterious ‘SmudgedSerpent’ Hackers Target U.S. Policy Experts Amid Iran–Israel Tensions  – The Hacker News” »

The marketplace revolution is here, and it’s transforming how we buy, sell, and share everything from vintage furniture…  – Read More  – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More 

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added two security flaws impacting Gladinet and Control Web Panel (CWP) to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The vulnerabilities in question are listed below – CVE-2025-11371 (CVSS score: 7.5) – A vulnerability in files or directories … Read More “CISA Adds Gladinet and CWP Flaws to KEV Catalog Amid Active Exploitation Evidence  – The Hacker News” »

Google Chrome browser’s new enhanced autofill feature can now remember and automatically fill in personal data such as…  – Read More  – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More 

Apple disclosed an exceptionally high number of vulnerabilities in core services and components used across its most popular devices, as the tech giant addressed 105 vulnerabilities in MacOS 26.1 and 56 vulnerabilities with the release of iOS 26.1 and iPadOS 26.1.  The company’s latest security update includes some flaws that affect software spanning iPhones, Macs … Read More “Apple addresses more than 100 vulnerabilities in security updates for iPhones, Macs and iPads  – CyberScoop” »

The Treasury Department on Tuesday sanctioned eight people and two companies it accused of laundering money obtained from cybercrime and IT worker schemes to fund North Korean government objectives. According to the department, over the last three years North Korea-linked cybercriminals have stolen over $3 billion, mostly in cryptocurrency. In addition, it said, North Korean … Read More “North Korean companies, people sanctioned for money laundering from cybercrime, IT worker schemes  – CyberScoop” »

The nascent collective that combines three prominent cybercrime groups, Scattered Spider, LAPSUS$, and ShinyHunters, has created no less than 16 Telegram channels since August 8, 2025. “Since its debut, the group’s Telegram channels have been removed and recreated at least 16 times under varying iterations of the original name – a recurring cycle reflecting platform … Read More “A Cybercrime Merger Like No Other — Scattered Spider, LAPSUS$, and ShinyHunters Join Forces  – The Hacker News” »

Microsoft researchers found the SesameOp backdoor using OpenAI’s Assistants API for remote access, data theft, and command communication.  – Read More  – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More 

Bugcrowd, a company known for its work in bug bounty and vulnerability disclosure, has announced the acquisition of Mayhem Security, an AI-driven offensive security firm.  The terms of the deal were not disclosed.  Organizations are dealing with more complicated cybersecurity risks as they build software faster, add more APIs, and work with many suppliers. Traditional … Read More “Bugcrowd acquires Mayhem Security to advance AI-powered security testing  – CyberScoop” »

Nine people have been arrested in connection with a coordinated law enforcement operation that targeted a cryptocurrency money laundering network that defrauded victims of €600 million (~$688 million). According to a statement released by Eurojust today, the action took place between October 27 and 29 across Cyprus, Spain, and Germany, with the suspects arrested on … Read More “Europol and Eurojust Dismantle €600 Million Crypto Fraud Network in Global Sweep  – The Hacker News” »

Details have emerged about a now-patched critical security flaw in the popular “@react-native-community/cli” npm package that could be potentially exploited to run malicious operating system (OS) commands under certain conditions. “The vulnerability allows remote unauthenticated attackers to easily trigger arbitrary OS command execution on the machine running react-native-community/cli’s  – Read More  – The Hacker News 

Cybersecurity researchers have disclosed details of four security flaws in Microsoft Teams that could have exposed users to serious impersonation and social engineering attacks. The vulnerabilities “allowed attackers to manipulate conversations, impersonate colleagues, and exploit notifications,” Check Point said in a report shared with The Hacker News. Following responsible disclosure in March  – Read More  … Read More “Microsoft Teams Bugs Let Attackers Impersonate Colleagues and Edit Messages Unnoticed  – The Hacker News” »

Baltimore, USA, 4th November 2025, CyberNewsWire  – Read More  – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More 

Delaware, United States, 4th November 2025, CyberNewsWire  – Read More  – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More 

In January 2023, Getty Images filed a major lawsuit in the UK High Court against Stability AI, an…  – Read More  – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More 

Threat actors are leveraging weaponized attachments distributed via phishing emails to deliver malware likely targeting the defense sector in Russia and Belarus. According to multiple reports from Cyble and Seqrite Labs, the campaign is designed to deploy a persistent backdoor on compromised hosts that uses OpenSSH in conjunction with a customized Tor hidden service that … Read More “Operation SkyCloak Deploys Tor-Enabled OpenSSH Backdoor Targeting Defense Sectors  – The Hacker News” »

Ransomware is malicious software designed to block access to a computer system or encrypt data until a ransom is paid. This cyberattack is one of the most prevalent and damaging threats in the digital landscape, affecting individuals, businesses, and critical infrastructure worldwide. A ransomware attack typically begins when the malware infiltrates a system through various … Read More “Ransomware Defense Using the Wazuh Open Source Platform  – The Hacker News” »

New reports show China-based hackers are targeting US federal, state, and global government networks via unpatched Cisco firewalls. Get the full details and necessary steps to secure devices.  – Read More  – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More 

Federal prosecutors in the U.S. have accused a trio of allegedly hacking the networks of five U.S. companies with BlackCat (aka ALPHV) ransomware between May and November 2023 and extorting them. Ryan Clifford Goldberg, Kevin Tyler Martin, and an unnamed co–conspirator (aka “Co-Conspirator 1”) based in Florida, all U.S. nationals, are said to have used … Read More “U.S. Prosecutors Indict Cybersecurity Insiders Accused of BlackCat Ransomware Attacks  – The Hacker News” »

Google’s artificial intelligence (AI)-powered cybersecurity agent called Big Sleep has been credited by Apple for discovering as many as five different security flaws in the WebKit component used in its Safari web browser that, if successfully exploited, could result in a browser crash or memory corruption. The list of vulnerabilities is as follows – CVE-2025-43429 … Read More “Google’s AI ‘Big Sleep’ Finds 5 New Vulnerabilities in Apple’s Safari WebKit  – The Hacker News” »

Microsoft has disclosed details of a novel backdoor dubbed SesameOp that uses OpenAI Assistants Application Programming Interface (API) for command-and-control (C2) communications. “Instead of relying on more traditional methods, the threat actor behind this backdoor abuses OpenAI as a C2 channel as a way to stealthily communicate and orchestrate malicious activities within the compromised  – … Read More “Microsoft Detects “SesameOp” Backdoor Using OpenAI’s API as a Stealth Command Channel  – The Hacker News” »

Your Windows 11 PC will finally shut down! Learn about the KB5067036 update that fixes the decades-old restart glitch, plus new features like faster search and simpler update names.  – Read More  – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More 

The Office of Personnel Management plans to collaborate on a “mass deferment” for a cyber scholarship-for-service program after the government shutdown ends, a spokesman said Monday, as scholarship recipients have sounded fears about being on the hook for their schooling costs during federal hiring freezes and budget cuts. The National Science Foundation (NSF) leads and … Read More “OPM plans to give CyberCorps members more time to find jobs after shutdown ends  – CyberScoop” »

Federal prosecutors allege that three cybersecurity professionals, whose job was to help companies respond to ransomware attacks, instead carried out their own ransomware schemes against five U.S. businesses in 2023. Ryan Clifford Goldberg, Kevin Tyler Martin and an unnamed co–conspirator — all U.S. nationals — began using ALPHV, also known as BlackCat, ransomware to attack … Read More “Prosecutors allege incident response pros used ALPHV/BlackCat to commit string of ransomware attacks  – CyberScoop” »

Kaspersky researchers uncovered Operation ForumTroll, an attack campaign utilising the new ‘Dante’ spyware developed by Memento Labs, the rebranded Hacking Team. The attacks used a Chrome zero-day vulnerability (CVE-2025-2783) and COM hijacking for persistence, confirming the continued deployment of advanced surveillance tools by the controversial Italian firm.  – Read More  – Hackread – Cybersecurity News, … Read More “New Dante Spyware Linked to Rebranded Hacking Team, Now Memento Labs  – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More” »

Cybersecurity researchers have flagged a new malicious extension in the Open VSX registry that harbors a remote access trojan called SleepyDuck. According to Secure Annex’s John Tuckner, the extension in question, juan-bianco.solidity-vlang (version 0.0.7), was first published on October 31, 2025, as a completely benign library that was subsequently updated to version 0.0.8 on November … Read More “Malicious VSX Extension “SleepyDuck” Uses Ethereum to Keep Its Command Server Alive  – The Hacker News” »