Category: Attack Feeds

0

Israeli Spyware Graphite Targeted WhatsApp with 0-Click Exploit  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News

Citizen Lab’s investigation reveals sophisticated spyware attacks exploiting WhatsApp vulnerabilities, implicating Paragon Solutions. Learn how their research exposed these threats and the implications for digital privacy.  – Read More  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News 

0

Rooted Androids 3,000x More Likely to Be Breached, Even iPhones Not Safe  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News

A new Zimperium report reveals that rooted Android phones and jailbroken iOS devices face growing threats, with advanced toolkits making detection nearly impossible for cybersecurity researchers.  – Read More  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News 

0

YouTube Game Cheats Spread Arcane Stealer Malware to Russian-Speaking Users  – The Hacker News

YouTube videos promoting game cheats are being used to deliver a previously undocumented stealer malware called Arcane likely targeting Russian-speaking users. “What’s intriguing about this malware is how much it collects,” Kaspersky said in an analysis. “It grabs account information from VPN and gaming clients, and all kinds of network utilities like ngrok, Playit, Cyberduck, FileZilla, and  – Read More ...

0

Nation-state groups hit hundreds of organizations with Microsoft Windows zero-day  – CyberScoop

Cybercriminals working on behalf of at least six nation-states are actively exploiting a zero-day vulnerability in Microsoft Windows to commit espionage, steal data and cryptocurrency, according to Trend Micro researchers. The vulnerability, which Trend Micro tracks as ZDI-CAN-25373, allows attackers to execute hidden malicious commands due to the way Windows displays the contents of shortcut .lnk files, also known as...

0

Smashing Security podcast #409: Peeping perverts and FBI phone calls  – Graham Cluley

In episode 409 of the “Smashing Security” podcast, we uncover the curious case of the Chinese cyber-attack on Littleton’s Electric Light Company, and a California landlord’s hidden camera scandal. Find out about this, and more, in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault.  – Read More  – Graham Cluley 

0

Veeam and IBM Release Patches for High-Risk Flaws in Backup and AIX Systems  – The Hacker News

Veeam has released security updates to address a critical security flaw impacting its Backup & Replication software that could lead to remote code execution. The vulnerability, tracked as CVE-2025-23120, carries a CVSS score of 9.9 out of 10.0. It affects 12.3.0.310 and all earlier version 12 builds. “A vulnerability allowing remote code execution (RCE) by authenticated domain users,” the  –...

0

How to Protect Your Business from Cyber Threats: Mastering the Shared Responsibility Model  – The Hacker News

Cybersecurity isn’t just another checkbox on your business agenda. It’s a fundamental pillar of survival. As organizations increasingly migrate their operations to the cloud, understanding how to protect your digital assets becomes crucial. The shared responsibility model, exemplified through Microsoft 365’s approach, offers a framework for comprehending and implementing effective cybersecurity  – Read More  – The Hacker News 

0

Six Governments Likely Use Israeli Paragon Spyware to Hack IM Apps and Harvest Data  – The Hacker News

The governments of Australia, Canada, Cyprus, Denmark, Israel, and Singapore are likely customers of spyware developed by Israeli company Paragon Solutions, according to a new report from The Citizen Lab. Paragon, founded in 2019 by Ehud Barak and Ehud Schneorson, is the maker of a surveillance tool called Graphite that’s capable of harvesting sensitive data from instant messaging applications  –...

0

CISA Adds NAKIVO Vulnerability to KEV Catalog Amid Active Exploitation  – The Hacker News

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity security flaw impacting NAKIVO Backup & Replication software to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability in question is CVE-2024-48248 (CVSS score: 8.6), an absolute path traversal bug that could allow an unauthenticated attacker to  – Read More  – The Hacker News 

0

Why Continuous Compliance Monitoring Is Essential For IT Managed Service Providers  – The Hacker News

Regulatory compliance is no longer just a concern for large enterprises. Small and mid-sized businesses (SMBs) are increasingly subject to strict data protection and security regulations, such as HIPAA, PCI-DSS, CMMC, GDPR, and the FTC Safeguards Rule. However, many SMBs struggle to maintain compliance due to limited IT resources, evolving regulatory requirements, and complex security challenges  – Read More  –...

0

CERT-UA Warns: Dark Crystal RAT Targets Ukrainian Defense via Malicious Signal Messages  – The Hacker News

The Computer Emergency Response Team of Ukraine (CERT-UA) is warning of a new campaign that targets the defense sectors with Dark Crystal RAT (aka DCRat). The campaign, detected earlier this month, has been found to target both employees of enterprises of the defense-industrial complex and individual representatives of the Defense Forces of Ukraine. The activity involves  – Read More  –...

0

DOGE to Fired CISA Staff: Email Us Your Personal Data  – Krebs on Security

A message posted on Monday to the homepage of the U.S. Cybersecurity & Infrastructure Security Agency (CISA) is the latest exhibit in the Trump administration’s continued disregard for basic cybersecurity protections. The message instructed recently-fired CISA employees to get in touch so they can be rehired and then immediately placed on leave, asking employees to send their Social Security number...

0

Capital One hacker Paige Thompson got too light a sentence, appeals court rules  – CyberScoop

A federal appeals court overruled a district court judge’s sentence for Capital One hacker Paige Thompson this week, deciding that the sentence of five years’ probation plus time served was too lenient. Describing the hack as the “second largest data breach in the United States at the time, causing tens of millions of dollars in damage and emotional and reputational...

0

How DHS is working to continually improve the Continuous Diagnostics and Mitigation program  – CyberScoop

Department of Homeland Security officials in charge of the Cybersecurity and Infrastructure Security Agency’s (CISA) Continuous Diagnostics and Mitigation (CDM) have pushed the program to evolve from a compliance-focused initiative to a real-time threat detection and response platform. First launched in 2013, the program is now tracking approximately 6.5 million devices, which includes operational technology and internet-connected devices alongside traditional...

0

Building an electric vehicle simulator to research EVSEs  – Zero Day Initiative – Blog

Researching and reverse engineering Level 2 Electric Vehicle Supply Equipment (EVSE or loosely “charger”) efforts might require the equipment to be placed beyond the idle state. The idle state is straightforward and usually involves nothing more than powering up the charger. Indeed, this is a very useful state for research where the user interface is in operation, communications both wired...

0

Researchers Use AI Jailbreak on Top LLMs to Create Chrome Infostealer  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News

New Immersive World LLM jailbreak lets anyone create malware with GenAI. Discover how Cato Networks researchers tricked ChatGPT, Copilot, and DeepSeek into coding infostealers – In this case, a Chrome infostealer.  – Read More  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News 

0

Hackers Exploit Severe PHP Flaw to Deploy Quasar RAT and XMRig Miners  – The Hacker News

Threat actors are exploiting a severe security flaw in PHP to deliver cryptocurrency miners and remote access trojans (RATs) like Quasar RAT. The vulnerability, assigned the CVE identifier CVE-2024-4577, refers to an argument injection vulnerability in PHP affecting Windows-based systems running in CGI mode that could allow remote attackers to run arbitrary code. Cybersecurity company  – Read More  – The...

0

Congress should re-up 2015 information-sharing law, top Hill staffer says  – CyberScoop

Congress needs to reauthorize an expiring law that provides legal protections to companies for sharing cyber threat information with the federal government and each other, the staff director  for Democrats on the Senate Homeland Security and Governmental Affairs Committee said Wednesday. The 2015 Cybersecurity and Infrastructure Security Act is due to lapse at the end of September. It provides defenses...

0

Six additional countries identified as suspected Paragon spyware customers  – CyberScoop

Researchers have identified suspected government customers of spyware company Paragon Solutions in six more countries that hadn’t previously been publicly identified, according to a report published Wednesday. The University of Toronto’s Citizen Lab said it mapped the infrastructure of Paragon’s Graphite tool after a tip from a collaborator, and found a subset of suspected Paragon deployments linked to Australia, Canada,...

0

Leaked Black Basta Chats Suggest Russian Officials Aided Leader’s Escape from Armenia  – The Hacker News

The recently leaked trove of internal chat logs among members of the Black Basta ransomware operation has revealed possible connections between the e-crime gang and Russian authorities. The leak, containing over 200,000 messages from September 2023 to September 2024, was published by a Telegram user @ExploitWhispers last month. According to an analysis of the messages by cybersecurity company  – Read...

0

ClearFake Infects 9,300 Sites, Uses Fake reCAPTCHA and Turnstile to Spread Info-Stealers  – The Hacker News

The threat actors behind the ClearFake campaign are using fake reCAPTCHA or Cloudflare Turnstile verifications as lures to trick users into downloading malware such as Lumma Stealer and Vidar Stealer. ClearFake, first highlighted in July 2023, is the name given to a threat activity cluster that employs fake web browser update baits on compromised WordPress as a malware distribution vector....

0

Watch This Webinar to Learn How to Eliminate Identity-Based Attacks—Before They Happen  – The Hacker News

In today’s digital world, security breaches are all too common. Despite the many security tools and training programs available, identity-based attacks—like phishing, adversary-in-the-middle, and MFA bypass—remain a major challenge. Instead of accepting these risks and pouring resources into fixing problems after they occur, why not prevent attacks from happening in the first place? Our upcoming  – Read More  – The...

0

5 Identity Threat Detection & Response Must-Haves for Super SaaS Security  – The Hacker News

Identity-based attacks are on the rise. Attackers are targeting identities with compromised credentials, hijacked authentication methods, and misused privileges. While many threat detection solutions focus on cloud, endpoint, and network threats, they overlook the unique risks posed by SaaS identity ecosystems. This blind spot is wreaking havoc on heavily SaaS-reliant organizations big and small  – Read More  – The Hacker...

0

Critical mySCADA myPRO Flaws Could Let Attackers Take Over Industrial Control Systems  – The Hacker News

Cybersecurity researchers have disclosed details of two critical flaws impacting mySCADA myPRO, a Supervisory Control and Data Acquisition (SCADA) system used in operational technology (OT) environments, that could allow malicious actors to take control of susceptible systems. “These vulnerabilities, if exploited, could grant unauthorized access to industrial control networks, potentially  – Read More  – The Hacker News 

0

CISA Warns of Active Exploitation in GitHub Action Supply Chain Compromise  – The Hacker News

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a vulnerability linked to the supply chain compromise of the GitHub Action, tj-actions/changed-files, to its Known Exploited Vulnerabilities (KEV) catalog. The high-severity flaw, tracked as CVE-2025-30066 (CVSS score: 8.6), involves the breach of the GitHub Action to inject malicious code that enables a remote  – Read More  – The...

0

Trump moves to fire Democratic FTC commissioners  – CyberScoop

Commissioners Alvaro Bedoya and Rebecca Slaughter of the Federal Trade Commission confirmed reports that President Donald Trump is attempting to fire them, marking a direct challenge to the agency’s independence and potentially crippling a host of its tech-related investigation and enforcement actions. On X, Bedoya posted a note saying he had just been “illegally fired” by the president. He referenced...

0

Infostealers fueled cyberattacks and snagged 2.1B credentials last year  – CyberScoop

Cybercriminals used information-stealing malware to a devastating effect last year, capturing sensitive data that fueled ransomware, breaches and attacks targeting supply chains and critical infrastructure, according to a new report. Infostealers were used to steal 2.1 billion credentials last year, accounting for nearly two-thirds of 3.2 billion credentials stolen from all organizations, Flashpoint said in a report released Tuesday. By targeting...

0

Infostealers fueled cyberattacks and snagged 2.1B credentials last year  – CyberScoop

Cybercriminals used information-stealing malware to a devastating effect last year, capturing sensitive data that fueled ransomware, breaches and attacks targeting supply chains and critical infrastructure, according to a new report. Infostealers were used to steal 2.1 billion credentials last year, accounting for nearly two-thirds of 3.2 billion credentials stolen from all organizations, Flashpoint said in a report released Tuesday. By targeting...

0

The AI Fix #42: AIs with anxiety, and why AIs don’t know what happened  – Graham Cluley

In episode 42 of the AI Fix, our hosts discover why ads for the Neo Gamma robot are so sinister, Graham plays peek-a-boo with a crow, humans give up writing, an AI designs a drug, an upstart AI agent gets everyone’s attention, and a talking fish offers our hosts some sage advice. Graham wonders if … Continue reading “The AI...

0

New ‘Rules File Backdoor’ Attack Lets Hackers Inject Malicious Code via AI Code Editors  – The Hacker News

Cybersecurity researchers have disclosed details of a new supply chain attack vector dubbed Rules File Backdoor that affects artificial intelligence (AI)-powered code editors like GitHub Copilot and Cursor, causing them to inject malicious code. “This technique enables hackers to silently compromise AI-generated code by injecting hidden malicious instructions into seemingly innocent  – Read More  – The Hacker News 

0

Google acquires Wiz for $32 billion  – CyberScoop

Google announced Tuesday it will acquire cloud security firm Wiz for $32 billion. The move pairs Google — among the world’s largest cloud service providers — with one of the most promising cloud security startups. The purchase comes less than a year after Wiz rejected a previous $23 billion bid from Google, with executives saying at the time that they...

0

New Critical AMI BMC Vulnerability Enables Remote Server Takeover and Bricking  – The Hacker News

A critical security vulnerability has been disclosed in AMI’s MegaRAC Baseboard Management Controller (BMC) software that could allow an attacker to bypass authentication and carry out post-exploitation actions. The vulnerability, tracked as CVE-2024-54085, carries a CVSS v4 score of 10.0, indicating maximum severity. “A local or remote attacker can exploit the vulnerability by accessing the  – Read More  – The...

0

Google Acquires Wiz for $32 Billion in Its Biggest Deal Ever to Boost Cloud Security  – The Hacker News

Google is making the biggest ever acquisition in its history by purchasing cloud security company Wiz in an all-cash deal worth $32 billion. “This acquisition represents an investment by Google Cloud to accelerate two large and growing trends in the AI era: improved cloud security and the ability to use multiple clouds (multicloud),” the tech giant said today. It added...

0

Unpatched Windows Zero-Day Flaw Exploited by 11 State-Sponsored Threat Groups Since 2017  – The Hacker News

An unpatched security flaw impacting Microsoft Windows has been exploited by 11 state-sponsored groups from China, Iran, North Korea, and Russia as part of data theft, espionage, and financially motivated campaigns that date back to 2017. The zero-day vulnerability, tracked by Trend Micro’s Zero Day Initiative (ZDI) as ZDI-CAN-25373, refers to an issue that allows bad actors to execute hidden ...

0

New Ad Fraud Campaign Exploits 331 Apps with 60M+ Downloads for Phishing and Intrusive Ads  – The Hacker News

Cybersecurity researchers have warned about a large-scale ad fraud campaign that has leveraged hundreds of malicious apps published on the Google Play Store to serve full-screen ads and conduct phishing attacks. “The apps display out-of-context ads and even try to persuade victims to give away credentials and credit card information in phishing attacks,” Bitdefender said in a report shared with ...

0

BADBOX 2.0 Botnet Infects 1 Million Android Devices for Ad Fraud and Proxy Abuse  – The Hacker News

At least four different threat actors have been identified as involved in an updated version of a massive ad fraud and residential proxy scheme called BADBOX, painting a picture of an interconnected cybercrime ecosystem. This includes SalesTracker Group, MoYu Group, Lemon Group, and LongTV, according to new findings from the HUMAN Satori Threat Intelligence and Research team, published in  –...

AttackFeed by Joe Wagner
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.