Category: Attack Feeds

FBI nominee Kash Patel gets questions on cybercrime investigations, Silk Road founder, surveillance powers – CyberScoop

A senator on Thursday questioned whether the president’s pick to lead the FBI might harm cybercrime investigations with his plans for the bureau. At a nomination hearing of the Senate Judiciary Committee, Amy Klobuchar, D-Minn., asked Kash Patel about comments he made in September. “I’d shut down the FBI Hoover building on day one and open it the next day...

Department of Justice partners with Dutch police to break up HeartSender network – CyberScoop

Authorities in the United States and the Netherlands have dismantled a sophisticated Pakistan-based cybercrime network known as Saim Raza. The operation, dubbed “Operation Heart Blocker,” culminated Wednesday with the coordinated seizure of 39 domains and servers. Also known as HeartSender, Saim Raza was responsible for developing and selling phishing kits, with the Department of Justice claiming the software resulted in...

Tulsi Gabbard tussles with senators over Snowden, surveillance – CyberScoop

Tulsi Gabbard, President Donald Trump’s nominee for director of national intelligence, told the Senate Intelligence Committee on Thursday that she would leave her own political views “at the door” and deliver “intelligence that is collected, analyzed and reported without bias, prejudice or political influence.” But she also accused the Biden administration and other national security officials of politicizing intelligence to...

House bill aims to better protect financial institutions from ransomware attacks – CyberScoop

A bipartisan pair of House lawmakers are seeking to improve private-public coordination for financial institutions amid a surge of ransomware attacks on the sector. The Public and Private Sector Ransomware Response Coordination Act, introduced this week by Reps. Zach Nunn, R-Iowa, and Josh Gottheimer, D-N.J., would direct the Treasury secretary to deliver a report on existing collaboration between federal agencies...

DARPA wants to create ‘self-healing’ firmware that can respond and recover from cyberattacks – CyberScoop

Imagine, for a moment, that your network is hit with ransomware. One of your employees clicked on a malicious link and now your network is compromised, data is encrypted and most of the organization’s systems are locked or offline. Then imagine if instead of assembling an incident response team, notifying the board and contacting law enforcement, the forensic sensors in...

Wiz researchers find sensitive DeepSeek data exposed to internet – CyberScoop

A security issue at Chinese artificial intelligence firm DeepSeek exposed over a million lines of sensitive internal data, including user chat histories, API secrets, and backend operational details, according to research published Wednesday by cloud security firm Wiz. The exposure, discovered earlier this month, stemmed from a publicly accessible ClickHouse database linked to DeepSeek’s systems. The database — hosted on...

Infrastructure Laundering: Blending in with the Cloud – Krebs on Security

In an effort to blend in and make their malicious traffic tougher to block, hosting firms catering to cybercriminals in China and Russia increasingly are funneling their operations through major U.S. cloud providers. Research published this week on one such outfit — a sprawling network tied to Chinese organized crime gangs and aptly named “Funnull” — highlights...

Protect Your Enterprise with Advanced Dark Web Scanning Services – Da Vinci Cybersecurity: Leading Cyber Security Services in South Africa.

What Is Dark Web Scanning? Dark web scanning is a proactive cybersecurity measure designed to detect whether sensitive company data, such as login credentials, intellectual property, or client information, is being traded or exposed on dark web platforms. These platforms are hidden and often host malicious activities that can pose significant risks to large enterprises. […]

Google: Over 57 Nation-State Threat Groups Using AI for Cyber Operations – The Hacker News

Over 57 distinct threat actors with ties to China, Iran, North Korea, and Russia have been observed using artificial intelligence (AI) technology powered by Google to further enable their malicious cyber and information operations. “Threat actors are experimenting with Gemini to enable their operations, finding productivity gains but not yet developing novel capabilities,” Google Threat...

Lightning AI Studio Vulnerability Allowed RCE via Hidden URL Parameter – The Hacker News

Cybersecurity researchers have disclosed a critical security flaw in the Lightning AI Studio development platform that, if successfully exploited, could allow for remote code execution. The vulnerability, rated a CVSS score of 9.4, enables “attackers to potentially execute arbitrary commands with root privileges” by exploiting a hidden URL parameter, application security firm Noma said in a...

Authorities Seize Domains of Popular Hacking Forums in Major Cybercrime Crackdown – The Hacker News

An international law enforcement operation has dismantled the domains associated with various online platforms linked to cybercrime such as Cracked, Nulled, Sellix, and StarkRDP. The effort has targeted the following domains: www.cracked.io, www.nulled.to, www.mysellix.io, www.sellix.io and www.starkrdp.io. Visitors to these websites are now greeted by a seizure banner that says they were confiscated...

DeepSeek AI Database Exposed: Over 1 Million Log Lines, Secret Keys Leaked – The Hacker News

Buzzy Chinese artificial intelligence (AI) startup DeepSeek, which has had a meteoric rise in popularity in recent days, left one of its databases exposed on the internet, which could have allowed malicious actors to gain access to sensitive data. The ClickHouse database “allows full control over database operations, including the ability to access internal data,” Wiz security researcher Gal...

SOC Analysts – Reimagining Their Role Using AI – The Hacker News

The job of a SOC analyst has never been easy. Faced with an overwhelming flood of daily alerts, analysts (and sometimes IT teams who are doubling as SecOps) must try to triage thousands of security alerts—often false positives—just to identify a handful of real threats. This relentless, 24/7 work leads to alert fatigue, desensitization, and increased risk of missing critical...

New Aquabot Botnet Exploits CVE-2024-41710 in Mitel Phones for DDoS Attacks – The Hacker News

A Mirai botnet variant dubbed Aquabot has been observed actively attempting to exploit a medium-severity security flaw impacting Mitel phones in order to ensnare them into a network capable of mounting distributed denial-of-service (DDoS) attacks. The vulnerability in question is CVE-2024-41710 (CVSS score: 6.8), a case of command injection in the boot process that could allow a malicious actor...

Unpatched PHP Voyager Flaws Leave Servers Open to One-Click RCE Exploits – The Hacker News

Three security flaws have been disclosed in the open-source PHP package Voyager that could be exploited by an attacker to achieve one-click remote code execution on affected instances. “When an authenticated Voyager user clicks on a malicious link, attackers can execute arbitrary code on the server,” Sonar researcher Yaniv Nizry said in a write-up published earlier this week. The...

Smashing Security podcast #402: Hackers get hacked, the British Museum IT shutdown, and social media kidnaps – Graham Cluley

What happens when eager computer enthusiasts unknowingly download a trojanized hacking tool and find themselves on the wrong side of cybersecurity? A former employee’s actions led to chaos and raise urgent questions about the security of cultural treasures. And join us as we explore the alarming trend of social media influencers staging fake kidnappings. All this and much much more...

FBI seizes major cybercrime forums in coordinated domain takedown – CyberScoop

The Federal Bureau of Investigation, along with several other international law enforcement departments, has seized control of several high-profile online platforms linked to cybercrime in a sweeping operation aimed at disrupting digital marketplaces for stolen credentials and hacking tools. The domains of forums Cracked[.]io and Nulled[.]to now redirect to FBI-controlled servers, signaling efforts to dismantle infrastructure that supports cybercriminal activity....

DeepSeek blocked from some app stores in Italy amid questions on data use – Data and computer security | The Guardian

Italian and Irish regulators want answers on how data harvested by the chatbot could be used by the Chinese government. The Chinese AI platform DeepSeek has become unavailable for download from some app stores in Italy as regulators in Rome and in Ireland demanded answers from the company about its handling of citizens’ data. Amid growing concern on Wednesday about how data...

Lazarus Group Uses React-Based Admin Panel to Control Global Cyber Attacks – The Hacker News

The North Korean threat actor known as the Lazarus Group has been observed leveraging a “web-based administrative platform” to oversee its command-and-control (C2) infrastructure, giving the adversary the ability to centrally supervise all aspects of their campaigns. “Each C2 server hosted a web-based administrative platform, built with a React application and a Node.js API,” SecurityScorecard’s...

Vulnerability in popular AI developer could ‘shut down essentially everything you own’ – CyberScoop

A popular platform for developing AI systems has patched an easily exploitable vulnerability that would have given an attacker remote code execution privileges. Researchers at application security firm Noma detail how the flaw, embedded in JavaScript code for Lightning.AI’s development platform, could be manipulated to give an attacker virtually unfettered access to a user’s cloud studio, as well as the...

New SLAP & FLOP Attacks Expose Apple M-Series Chips to Speculative Execution Exploits – The Hacker News

A team of security researchers from Georgia Institute of Technology and Ruhr University Bochum has demonstrated two new side-channel attacks targeting Apple silicon that could be exploited to leak sensitive information from web browsers like Safari and Google Chrome. The attacks have been codenamed Data Speculation Attacks via Load Address Prediction on Apple Silicon (SLAP) and Breaking the...

AI in Cybersecurity: What’s Effective and What’s Not – Insights from 200 Experts – The Hacker News

Curious about the buzz around AI in cybersecurity? Wonder if it’s just a shiny new toy in the tech world or a serious game changer? Let’s unpack this together in a not-to-be-missed webinar that goes beyond the hype to explore the real impact of AI on cybersecurity. Join Ravid Circus, a seasoned pro in cybersecurity and AI, as we peel...

Critical Cacti Security Flaw (CVE-2025-22604) Enables Remote Code Execution – The Hacker News

A critical security flaw has been disclosed in the Cacti open-source network monitoring and fault management framework that could allow an authenticated attacker to achieve remote code execution on susceptible instances. The flaw, tracked as CVE-2025-22604, carries a CVSS score of 9.1 out of a maximum of 10.0. “Due to a flaw in the multi-line SNMP result parser, authenticated users...

How Interlock Ransomware Infects Healthcare Organizations – The Hacker News

Ransomware attacks have reached an unprecedented scale in the healthcare sector, exposing vulnerabilities that put millions at risk. Recently, UnitedHealth revealed that 190 million Americans had their personal and healthcare data stolen during the Change Healthcare ransomware attack, a figure that nearly doubles the previously disclosed total. This breach shows just how deeply ransomware...

Ex-worker arrested after ‘shutdown’ of British Museum computer systems – Graham Cluley

London’s world-famous British Museum was forced to partially close its doors at the end of last week, following a serious security breach involving a former IT contractor. Police were called to the museum on Friday after a recently dismissed worker allegedly trespassed onto the museum site and was able to shut down various systems, including the museum’s ticketing platform. Read...

Zyxel CPE Devices Face Active Exploitation Due to Unpatched CVE-2024-40891 Vulnerability – The Hacker News

Cybersecurity researchers are warning that a critical zero-day vulnerability impacting Zyxel CPE Series devices is seeing active exploitation attempts in the wild. “Attackers can leverage this vulnerability to execute arbitrary commands on affected devices, leading to complete system compromise, data exfiltration, or network infiltration,” GreyNoise researcher Glenn Thorpe said in an alert...

UAC-0063 Expands Cyber Attacks to European Embassies Using Stolen Documents – The Hacker News

The advanced persistent threat (APT) group known as UAC-0063 has been observed leveraging legitimate documents obtained by infiltrating one victim to attack another target with the goal of delivering a known malware dubbed HATVIBE. “This research focuses on completing the picture of UAC-0063’s operations, particularly documenting their expansion beyond their initial focus on Central Asia,...

Broadcom Warns of High-Severity SQL Injection Flaw in VMware Avi Load Balancer – The Hacker News

Broadcom has warned of a high-severity security flaw in VMware Avi Load Balancer that could be weaponized by malicious actors to gain entrenched database access. The vulnerability, tracked as CVE-2025-22217 (CVSS score: 8.6), has been described as an unauthenticated blind SQL injection. “A malicious user with network access may be able to use specially crafted SQL queries to gain database...

Threat of cyber-attacks on Whitehall ‘is severe and advancing quickly’, NAO says – Data and computer security | The Guardian

Audit watchdog finds 58 critical IT systems assessed in 2024 had ‘significant gaps in cyber-resilience’. The threat of potentially devastating cyber-attacks against UK government departments is “severe and advancing quickly”, with dozens of critical IT systems vulnerable to an expected regular pattern of significant strikes, ministers have been warned. The National Audit Office (NAO) found that 58 critical government IT...

Trump pauses on grants, aid leave federal cyber programs in state of confusion – CyberScoop

A series of Trump administration maneuvers to freeze federal aid has thrown cybersecurity grant programs into doubt for recipients ranging from state governments to small businesses to foreign allies. An Office of Management and Budget memo sent Monday and that went into effect Tuesday directs federal agencies to “temporarily pause all activities related to obligations or disbursement of all Federal...

National security risks in routers, modems targeted in bipartisan Senate bill – CyberScoop

The national security risks posed by routers, modems and similar devices produced by U.S. adversaries would be the subject of a new federal study under a bipartisan Senate bill introduced Monday. The Removing Our Unsecure Technologies to Ensure Reliability and Security (ROUTERS) Act from Sens. Marsha Blackburn, R-Tenn., and Ben Ray Luján, D-N.M., is aimed at better safeguarding the public’s...

PureCrypter Deploys Agent Tesla and New TorNet Backdoor in Ongoing Cyberattacks – The Hacker News

A financially motivated threat actor has been linked to a phishing email campaign, ongoing since at least July 2024, that specifically targets users in Poland and Germany. The attacks have led to the deployment of various payloads, such as Agent Tesla, Snake Keylogger, and a previously undocumented backdoor dubbed TorNet that’s delivered by means of PureCrypter. TorNet...

Apple’s latest patch closes zero-day affecting wide swath of products – CyberScoop

Apple released software updates Monday, aimed at addressing multiple security vulnerabilities within its products, including a significant zero-day vulnerability. Tracked as CVE-2025-24085, the flaw is a use-after-free vulnerability in the company’s Core Media component, a framework that manages audio and video playback and is central to many of Apple’s multimedia applications. The vulnerability poses a serious risk as it has...

The AI Fix #35: Project Stargate, the AI emergency, and batsh*t AI cryonics – Graham Cluley

In episode 35 of The AI Fix, our hosts learn who the 175th best programmer in the world is, the AI supervillains put on suits for President Trump, a “not imaginary” AI turns out to be imaginary, OpenAI releases Operator and teases o3-mini, and Anthropic predicts that superintelligence is only three years away. Graham considers giving his money, pets, and...

OAuth Redirect Flaw in Airline Travel Integration Exposes Millions to Account Hijacking – The Hacker News

Cybersecurity researchers have disclosed details of a now-patched account takeover vulnerability affecting a popular online travel service for hotel and car rentals. “By exploiting this flaw, attackers can gain unauthorized access to any user’s account within the system, effectively allowing them to impersonate the victim and perform an array of actions on their behalf – including...

AI SOC Analysts: Propelling SecOps into the future – The Hacker News

Triaging and investigating alerts is central to security operations. As SOC teams strive to keep up with ever-increasing alert volumes and complexity, modernizing SOC automation strategies with AI has emerged as a critical solution. This blog explores how an AI SOC Analyst transforms alert management, addressing key SOC challenges while enabling faster investigations and responses. Security...

How Long Does It Take Hackers to Crack Modern Hashing Algorithms? – The Hacker News

While passwords remain the first line of defense for protecting user accounts against unauthorized access, the methods for creating strong passwords and protecting them are continually evolving. For example, NIST password recommendations are now prioritizing password length over complexity. Hashing, however, remains a non-negotiable. Even long secure passphrases should be hashed to prevent them...

Ransomware Targets ESXi Systems via Stealthy SSH Tunnels for C2 Operations – The Hacker News

Cybersecurity researchers have found that ransomware attacks targeting ESXi systems are also leveraging the access to repurpose the appliances as a conduit to tunnel traffic to command-and-control (C2) infrastructure and stay under the radar. “ESXi appliances, which are unmonitored, are increasingly exploited as a persistence mechanism and gateway to access corporate networks widely,” Sygnia...

AttackFeed by Joe Wagner