Category: Attack Feeds

Two teenagers were arrested in the United Kingdom this week, accused of associating with the sprawling criminal collective known as The Com, and participating in many high-profile and damaging cyberattacks on critical infrastructure globally. Thalha Jubair, 19 of London, and Owen Flowers, 18 of Walsall, England, were arrested at their residences Tuesday and charged with … Read More “UK arrests two teens accused of heavy involvement in yearslong Scattered Spider attack spree  – CyberScoop” »

Two UK teens have been charged in connection with the TfL hack, as investigators link them to Scattered Spider cyberattacks and data breaches.  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

SonicWall is urging customers to reset credentials after their firewall configuration backup files were exposed in a security breach impacting MySonicWall accounts. The company said it recently detected suspicious activity targeting the cloud backup service for firewalls, and that unknown threat actors accessed backup firewall preference files stored in the cloud for less than 5% … Read More “SonicWall Urges Password Resets After Cloud Backup Breach Affecting Under 5% of Customers  – The Hacker News” »

Cybersecurity researchers have discovered a new malware loader codenamed CountLoader that has been put to use by Russian ransomware gangs to deliver post-exploitation tools like Cobalt Strike and AdaptixC2, and a remote access trojan known as PureHVNC RAT. “CountLoader is being used either as part of an Initial Access Broker’s (IAB) toolset or by a … Read More “CountLoader Broadens Russian Ransomware Operations With Multi-Version Malware Loader  – The Hacker News” »

Palo Alto, California, 18th September 2025, CyberNewsWire  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

In the current cycle, Bitcoin has anchored most of the capital inflow. In 2025, 66% of investors selected…  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

Hackers are posing as Empire podcast hosts, tricking crypto influencers and developers with fake interview invites to deliver macOS AMOS Stealer malware.  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

AI’s growing role in enterprise environments has heightened the urgency for Chief Information Security Officers (CISOs) to drive effective AI governance. When it comes to any emerging technology, governance is hard – but effective governance is even harder. The first instinct for most organizations is to respond with rigid policies. Write a policy document, circulate … Read More “How CISOs Can Drive Effective AI Governance  – The Hacker News” »

Cybersecurity researchers have discovered two new malicious packages in the Python Package Index (PyPI) repository that are designed to deliver a remote access trojan called SilentSync on Windows systems. “SilentSync is capable of remote command execution, file exfiltration, and screen capturing,” Zscaler ThreatLabz’s Manisha Ramcharan Prajapati and Satyam Singh said. “SilentSync also extracts  – Read … Read More “SilentSync RAT Delivered via Two Malicious PyPI Packages Targeting Python Developers  – The Hacker News” »

Infoblox links Vane Viper to PropellerAds, exposing a global malvertising network posing as adtech while spreading malware and running online scams.  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

Conor Brian Fitzpatrick, the creator of the notorious BreachForums hacking forum, has been resentenced to three years in prison after a US appeals court overturned his prior sentence of time served and 20 years of supervised release. Read more in my article on the Hot for Security blog.  – Read More  – Graham Cluley 

Google on Wednesday released security updates for the Chrome web browser to address four vulnerabilities, including one that it said has been exploited in the wild. The zero-day vulnerability in question is CVE-2025-10585, which has been described as a type confusion issue in the V8 JavaScript and WebAssembly engine. Type confusion vulnerabilities can have severe … Read More “Google Patches Chrome Zero-Day CVE-2025-10585 as Active V8 Exploit Threatens Millions  – The Hacker News” »

When “bad actors” stop being hackers and start being… actual actors. This week, Graham and special guest Jenny Radcliffe play “Hacker or Ham?” (yes, Steven Seagal, we’re looking at you), before diving into a campaign which saw an Iranian gang luring Israeli performers with fake casting calls for a serious film. We unpack why positive … Read More “Smashing Security podcast #435: Lights! Camera! Hacktion!  – Graham Cluley” »

SonicWall said it confirmed an attack on its MySonicWall.com platform that exposed customers’ firewall configuration files — the latest in a steady stream of security weaknesses impacting the besieged vendor and its customers. The company’s security teams began investigating suspicious activity and validated the attack “in the past few days,” Bret Fitzgerald, senior director of … Read More “Attack on SonicWall’s cloud portal exposes customers’ firewall configurations  – CyberScoop” »

New research reveals Raven Stealer malware that targets browsers like Chrome and Edge to steal personal data. Learn how this threat uses simple tricks like process hollowing to evade antiviruses and why it’s a growing risk for everyday users.  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

The threat actor known as TA558 has been attributed to a fresh set of attacks delivering various remote access trojans (RATs) like Venom RAT to breach hotels in Brazil and Spanish-speaking markets. Russian cybersecurity vendor Kaspersky is tracking the activity, observed in summer 2025, to a cluster it tracks as RevengeHotels. “The threat actors continue … Read More “TA558 Uses AI-Generated Scripts to Deploy Venom RAT in Brazil Hotel Attacks  – The Hacker News” »

Waltham, United States, 17th September 2025, CyberNewsWire  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

Conor Brian Fitzpatrick, the founder of the hacking forum BreachForums, has been resentenced to three years in prison…  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

Learn what Codeless Testing Tools are and how effective they are in detecting common security vulnerabilities, along with understanding their strengths and limitations.  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

ReversingLabs discovers “Shai-hulud,” a self-replicating computer worm on the npm open-source registry. Learn how the malware steals developer…  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

A China-aligned threat actor known as TA415 has been attributed to spear-phishing campaigns targeting the U.S. government, think tanks, and academic organizations utilizing U.S.-China economic-themed lures. “In this activity, the group masqueraded as the current Chair of the Select Committee on Strategic Competition between the United States and the Chinese Communist Party (CCP), as well … Read More “Chinese TA415 Uses VS Code Remote Tunnels to Spy on U.S. Economic Policy Experts  – The Hacker News” »

Microsoft’s Digital Crimes Unit dismantled RaccoonO365, a major phishing service that stole thousands of user credentials and targeted US healthcare organisations. Discover how the operation worked and its global impact.  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

Quantum computing and AI working together will bring incredible opportunities. Together, the technologies will help us extend innovation further and faster than ever before. But, imagine the flip side, waking up to news that hackers have used a quantum computer to crack your company’s encryption overnight, exposing your most sensitive data, rendering much of it … Read More “From Quantum Hacks to AI Defenses – Expert Guide to Building Unbreakable Cyber Resilience  – The Hacker News” »

Generative AI has gone from a curiosity to a cornerstone of enterprise productivity in just a few short years. From copilots embedded in office suites to dedicated large language model (LLM) platforms, employees now rely on these tools to code, analyze, draft, and decide. But for CISOs and security architects, the very speed of adoption … Read More “Rethinking AI Data Security: A Buyer’s Guide   – The Hacker News” »

Cybersecurity researchers have tied a fresh round of cyber attacks targeting financial services to the notorious cybercrime group known as Scattered Spider, casting doubt on their claims of going “dark.” Threat intelligence firm ReliaQuest said it has observed indications that the threat actor has shifted their focus to the financial sector. This is supported by … Read More “Scattered Spider Resurfaces With Financial Sector Attacks Despite Retirement Claims  – The Hacker News” »

The U.S. Department of Justice (DoJ) on Tuesday resentenced the former administrator of BreachForums to three years in prison in connection with his role in running the cybercrime forum and possessing child sexual abuse material (CSAM). Conor Brian Fitzpatrick (aka Pompompurin), 22, of Peekskill, New York, pleaded guilty to one count of access device conspiracy, … Read More “DOJ Resentences BreachForums Founder to 3 Years for Cybercrime and Possession of CSAM  – The Hacker News” »

Microsoft’s Digital Crimes Unit said it teamed up with Cloudflare to coordinate the seizure of 338 domains used by RaccoonO365, a financially motivated threat group that was behind a phishing-as-a-service (Phaas) toolkit used to steal more than 5,000 Microsoft 365 credentials from 94 countries since July 2024. “Using a court order granted by the Southern … Read More “RaccoonO365 Phishing Network Shut Down After Microsoft and Cloudflare Disrupt 338 Domains  – The Hacker News” »

Microsoft’s Digital Crimes Unit coordinated the seizure of 338 domains used by RaccoonO365, a financially motivated threat group that developed and sold phishing kits that have been used to steal more than 5,000 Microsoft credentials since July 2024, the company said Tuesday.  The threat group, which Microsoft tracks as Storm-2246, enabled cybercriminals to steal credentials … Read More “Microsoft seizes hundreds of phishing sites tied to massive credential theft operation  – CyberScoop” »

Secure document editing protects sensitive data with encryption and compliance tools, while reducing costly breaches and building trust,…  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

A man who pleaded guilty in 2023 for charges related to his work as founder and operator of the notorious BreachForums website was resentenced Tuesday to three years in prison after having his initial sentence overturned in January. Conor Brian Fitzpatrick, 22, operated BreachForums — once regarded as the largest English-language cybercrime marketplace — under … Read More “BreachForums founder resentenced to three years in prison  – CyberScoop” »

Cybersecurity researchers have disclosed multiple critical security vulnerabilities in Chaos Mesh that, if successfully exploited, could lead to cluster takeover in Kubernetes environments. “Attackers need only minimal in-cluster network access to exploit these vulnerabilities, execute the platform’s fault injections (such as shutting down pods or disrupting network communications), and perform  – Read More  – The … Read More “Chaos Mesh Critical GraphQL Flaws Enable RCE and Full Kubernetes Cluster Takeover  – The Hacker News” »

A massive ad fraud and click fraud operation dubbed SlopAds ran a cluster of 224 apps, collectively attracting 38 million downloads across 228 countries and territories. “These apps deliver their fraud payload using steganography and create hidden WebViews to navigate to threat actor-owned cashout sites, generating fraudulent ad impressions and clicks,” HUMAN’s Satori Threat Intelligence … Read More “SlopAds Fraud Ring Exploits 224 Android Apps to Drive 2.3 Billion Daily Ad Bids  – The Hacker News” »

At least 187 code packages made available through the JavaScript repository NPM have been infected with a self-replicating worm that steals credentials from developers and publishes those secrets on GitHub, experts warn. The malware, which briefly infected multiple code packages from the security vendor CrowdStrike, steals and publishes even more credentials every time an infected package … Read More “Self-Replicating Worm Hits 180+ Software Packages  – Krebs on Security” »

Cybersecurity researchers have warned of a new campaign that’s leveraging a variant of the FileFix social engineering tactic to deliver the StealC information stealer malware. “The observed campaign uses a highly convincing, multilingual phishing site (e.g., fake Facebook Security page), with anti-analysis techniques and advanced obfuscation to evade detection,” Acronis security researcher Eliad  – Read … Read More “New FileFix Variant Delivers StealC Malware Through Multilingual Phishing Site  – The Hacker News” »

AI agents are rapidly becoming a core part of the enterprise, being embedded across enterprise workflows, operating with autonomy, and making decisions about which systems to access and how to use them. But as agents grow in power and autonomy, so do the risks and threats.  Recent studies show 80% of companies have already experienced … Read More “Securing the Agentic Era: Introducing Astrix’s AI Agent Control Plane  – The Hacker News” »

Apple on Monday backported fixes for a recently patched security flaw that has been actively exploited in the wild. The vulnerability in question is CVE-2025-43300 (CVSS score: 8.8), an out-of-bounds write issue in the ImageIO component that could result in memory corruption when processing a malicious image file. “Apple is aware of a report that … Read More “Apple Backports Fix for CVE-2025-43300 Exploited in Sophisticated Spyware Attack  – The Hacker News” »

A team of academics from ETH Zürich and Google has discovered a new variant of a RowHammer attack targeting Double Data Rate 5 (DDR5) memory chips from South Korean semiconductor vendor SK Hynix. The RowHammer attack variant, codenamed Phoenix (CVE-2025-6202, CVSS score: 7.1), is capable of bypassing sophisticated protection mechanisms put in place to resist … Read More “Phoenix RowHammer Attack Bypasses Advanced DDR5 Memory Protections in 109 Seconds  – The Hacker News” »

Cybersecurity researchers have flagged a fresh software supply chain attack targeting the npm registry that has affected more than 40 packages that belong to multiple maintainers. “The compromised versions include a function (NpmModule.updatePackage) that downloads a package tarball, modifies package.json, injects a local script (bundle.js), repacks the archive, and republishes it, enabling  – Read More  … Read More “40 npm Packages Compromised in Supply Chain Attack Using bundle.js to Steal Credentials  – The Hacker News” »

Both OpenAI and Anthropic said earlier this month they are working with the U.S. and U.K. governments to bolster the safety and security of their commercial large language models in order to make them harder to abuse or misuse. In a pair of blogs posted to their websites Friday, the companies said for the past … Read More “Top AI companies have spent months working with US, UK governments on model safety  – CyberScoop” »