Category: Attack Feeds

2Apply’s over-collection of personal information adds to the power of the real estate industry in the competitive rental market, Carly Kind says Follow our Australia news live blog for latest updates Get our breaking news email, free app or daily news podcast An online rental platform has been urged to stop collecting users’ personal information … Read More “Rental platform unnecessarily collected the data of millions of Australians, privacy commissioner finds  – Data and computer security | The Guardian” »

A South Florida man pleaded guilty to conspiring with multiple ransomware affiliates to commit attacks against and extort payments from the same U.S. companies he represented as a ransomware negotiator for DigitalMint in 2023, the Justice Department said Monday. Angelo John Martino III shared confidential information about victim organizations’ internal negotiating positions and insurance policy … Read More “Former DigitalMint ransomware negotiator pleads guilty to extortion scheme  – CyberScoop” »

Threat actors associated with The Gentlemen ransomware‑as‑a‑service (RaaS) operation have been observed attempting to deploy a known proxy malware called SystemBC. According to new research published by Check Point, the command-and-control (C2 or C&C) server linked to SystemBC has led to the discovery of a botnet of more than 1,570 victims. “SystemBC establishes SOCKS5 network … Read More “SystemBC C2 Server Reveals 1,570+ Victims in The Gentlemen Ransomware Operation  – The Hacker News” »

Microsoft vulnerabilities fall, but critical flaws double, BeyondTrust report highlights rising risk in Microsoft Office, Azure, and cloud systems.  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI and More 

Lawmakers at a hearing Tuesday explored ways to beef up punishments for ransomware attacks against hospitals, possibly by labeling them as more severe crimes. One proposal floated at the House Homeland Security Committee hearing, to treat ransomware attacks as terrorism, is an idea Congress has flirted with before. Another would be to press prosecutors to … Read More “Lawmakers ponder terrorism designations, homicide charges over hospital ransomware attacks  – CyberScoop” »

A core leader of the hacker subset of The Com responsible for a series of high-profile phishing attacks and cryptocurrency thefts from September 2021 to April 2023 pleaded guilty to federal charges, the Justice Department said Friday.  Tyler Robert Buchanan of Dundee, Scotland, pleaded guilty to conspiracy to commit wire fraud and aggravated identity theft. … Read More “Scottish man pleads guilty to attack spree that created Scattered Spider’s notoriety  – CyberScoop” »

A third individual who was employed as a ransomware negotiator has pleaded guilty to conducting ransomware attacks against U.S. companies in 2023. Angelo Martino, 41, of Land O’Lakes, Florida, teamed up with the operators of the BlackCat ransomware starting in April 2023 to assist the e-crime gang in extracting higher amounts as ransoms. “Working as … Read More “Ransomware Negotiator Pleads Guilty to Aiding BlackCat Attacks in 2023  – The Hacker News” »

A 24-year-old British national and senior member of the cybercrime group “Scattered Spider” has pleaded guilty to wire fraud conspiracy and aggravated identity theft. Tyler Robert Buchanan admitted his role in a series of text-message phishing attacks in the summer of 2022 that allowed the group to hack into at least a dozen major technology … Read More “‘Scattered Spider’ Member ‘Tylerb’ Pleads Guilty  – Krebs on Security” »

Cybersecurity researchers have identified 22 new vulnerabilities in popular models of serial-to-IP converters from Lantronix and Silex that could be exploited to hijack susceptible devices and tamper with data exchanged by them. The vulnerabilities have been collectively codenamed BRIDGE:BREAK by Forescout Research Vedere Labs, which identified nearly 20,000 Serial-to-Ethernet converters exposed  – Read More  – … Read More “22 BRIDGE:BREAK Flaws Expose 20,000 Lantronix and Silex Serial-to-IP Converters  – The Hacker News” »

Washington D.C., USA, 21st April 2026, CyberNewswire  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI and More 

New York, United States, 21st April 2026, CyberNewswire  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI and More 

Security teams often present MTTR as an internal KPI. Leadership sees it differently: every hour a threat dwells inside the environment is an hour of potential data exfiltration, service disruption, regulatory exposure, and brand damage.  The root cause of slow MTTR is almost never “not enough analysts.” It is almost always the same structural problem: … Read More “5 Places where Mature SOCs Keep MTTR Fast and Others Waste Time  – The Hacker News” »

Grinex exchange collapses after $13.7M breach, blames Western spies as Chainalysis flags possible exit scam and sanctions evasion network links claims.  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI and More 

Threat Intel Scraping sounds simple until it isn’t, here’s how cybersecurity teams avoid blocks, bad data, and unnecessary risk.  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI and More 

Cybersecurity researchers have discovered a vulnerability in Google’s agentic integrated development environment (IDE), Antigravity, that could be exploited to achieve code execution. The flaw, since patched, combines Antigravity’s permitted file-creation capabilities with an insufficient input sanitization in Antigravity’s native file-searching tool, find_by_name, to bypass the program’s Strict  – Read More  – The Hacker News 

Cybersecurity researchers have discovered a new iteration of an Android malware family calledNGate that has been found to abuse a legitimate application called HandyPay instead of NFCGate. “The threat actors took the app, which is used to relay NFC data, and patched it with malicious code that appears to have been AI-generated,” ESET security researcher Lukáš … Read More “NGate Campaign Targets Brazil, Trojanizes HandyPay to Steal NFC Data and PINs  – The Hacker News” »

The cybersecurity industry has spent the last several years chasing sophisticated threats like zero-days, supply chain compromises, and AI-generated exploits. However, the most reliable entry point for attackers still hasn’t changed: stolen credentials. Identity-based attacks remain a dominant initial access vector in breaches today. Attackers obtain valid credentials through credential stuffing  – Read More  – … Read More “No Exploit Needed: How Attackers Walk Through the Front Door via Identity-Based Attacks  – The Hacker News” »

Mythos matters. It is a significant step forward in AI-assisted vulnerability discovery. But it does not mean cybersecurity changed overnight, nor does it mean enterprises are suddenly facing fully automated exploitation at internet scale tomorrow. It does mean the offensive side of AI is continuing to improve. The defensive side needs to catch up now. … Read More “Mythos can find the vulnerability. It can’t tell you what to do about it.  – CyberScoop” »

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added eight new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, including three flaws impacting Cisco Catalyst SD-WAN Manager, citing evidence of active exploitation. The list of vulnerabilities is as follows – CVE-2023-27351 (CVSS score: 8.2) – An improper authentication vulnerability in PaperCut  – Read … Read More “CISA Adds 8 Exploited Flaws to KEV, Sets April-May 2026 Federal Deadlines  – The Hacker News” »

Vercel confirms a breach linked to Context.ai as a hacker lists alleged data for $2M. ShinyHunters denies involvement and flags imposters.  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI and More 

The Federal Trade Commission is poised to deepen its involvement in curbing the use of AI for malicious purposes, including the spread of nonconsensual sexualized deepfakes and voice cloning scams. Last year, Congress passed the Take It Down Act, a law that allowed for criminal prosecution of individuals who share or distribute nonconsensual, intimate images … Read More “The FTC’s AI portfolio is about to get bigger  – CyberScoop” »

As organizations consider agentic AI for their business and IT stacks, researchers continue to find bugs and vulnerabilities in major, commercial models  that can significantly expand their attack surface. This week, researchers at Pillar Security disclosed a vulnerability in Antigravity, an AI-powered developer tool for filesystem operations made by Google. The bug, since patched, combined … Read More “Vuln in Google’s Antigravity AI agent manager could escape sandbox, give attackers remote code execution  – CyberScoop” »

Vercel customers are at risk of compromise after an attacker hopped through multiple internal systems to steal credentials and other sensitive data, the company said in a security bulletin Sunday.  The attack, which didn’t originate at Vercel, showcases the pitfalls of interconnected cloud applications and SaaS integrations with overly privileged permissions.  An attacker traversed third-party … Read More “Vercel’s security breach started with malware disguised as Roblox cheats  – CyberScoop” »

A critical security vulnerability has been disclosed in SGLang that, if successfully exploited, could result in remote code execution on susceptible systems. The vulnerability, tracked as CVE-2026-5760, carries a CVSS score of 9.8 out of 10.0. It has been described as a case of command injection leading to the execution of arbitrary code. SGLang is … Read More “SGLang CVE-2026-5760 (CVSS 9.8) Enables RCE via Malicious GGUF Model Files  – The Hacker News” »

Remove unwanted objects from video effortlessly with AI in 2026. Learn step-by-step methods, best tools, and pro tips to clean up your footage like a professional.  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI and More 

Over 130,000 users are at risk from fake TikTok downloader extensions on Chrome and Microsoft Edge. Researchers discovered these malicious tools use device fingerprinting to spy on users and steal sensitive browser data.  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI and More 

Monday’s recap shows the same pattern in different places. A third-party tool becomes a way in, then leads to internal access. A trusted download path is briefly swapped to deliver malware. Browser extensions act normally while pulling data and running code. Even update channels are used to push payloads. It’s not breaking systems—it’s bending trust. … Read More “⚡ Weekly Recap: Vercel Hack, Push Fraud, QEMU Abused, New Android RATs Emerge & More  – The Hacker News” »

Tyler Robert Buchanan, a 24-year-old British hacker linked to Scattered Spider, admits to a multi-year US hacking scheme involving at least $8M in crypto theft.  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI and More 

Two weeks ago, a suspected North Korean threat actor slipped malicious code into a package within Axios, a widely used JavaScript library. The immediate concern was the blast radius: roughly 100 million weekly downloads spanning enterprises, startups, and government systems. But beyond the sheer scale, the attack’s speed was just as worrisome – a stark … Read More “Why the Axios attack proves AI is mandatory for supply chain security  – CyberScoop” »

The fastest way to fall in love with an AI tool is to watch the demo. Everything moves quickly. Prompts land cleanly. The system produces impressive outputs in seconds. It feels like the beginning of a new era for your team. But most AI initiatives don’t fail because of bad technology. They stall because what … Read More “Why Most AI Deployments Stall After the Demo  – The Hacker News” »

Attackers rarely exploit an edge-device vulnerability indiscriminately. Typically, they first test how widely the flaw can be used and how much access it can provide, then move on to steal data or disrupt operations. Pre-attack surveillance and planning leaves a lot of noise in its wake. These signals — particularly spikes in traffic that are … Read More “Network ‘background noise’ may predict the next big edge-device vulnerability  – CyberScoop” »

Cybersecurity researchers have discovered a critical “by design” weakness in the Model Context Protocol’s (MCP) architecture that could pave the way for remote code execution and have a cascading effect on the artificial intelligence (AI) supply chain. “This flaw enables Arbitrary Command Execution (RCE) on any system running a vulnerable MCP implementation, granting attackers direct … Read More “Anthropic MCP Design Vulnerability Enables RCE, Threatening AI Supply Chain  – The Hacker News” »

Critical RCE flaw in protobuf.js lets attackers execute code via malicious schemas. Learn who is at risk, affected versions, and how to fix it.  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI and More 

Cybersecurity researchers have flagged a new malware called ZionSiphon that appears to be specifically designed to target Israeli water treatment and desalination systems. The malware has been codenamed ZionSiphon by Darktrace, highlighting its ability to set up persistence, tamper with local configuration files, and scan for operational technology (OT)-relevant services on the local subnet.  – … Read More “Researchers Detect ZionSiphon Malware Targeting Israeli Water, Desalination OT Systems  – The Hacker News” »

Web infrastructure provider Vercel has disclosed a security breach that allows bad actors to gain unauthorized access to “certain” internal Vercel systems. The incident stemmed from the compromise of Context.ai, a third-party artificial intelligence (AI) tool, that was used by an employee at the company. “The attacker used that access to take over the employee’s … Read More “Vercel Breach Tied to Context AI Hack Exposes Limited Customer Credentials  – The Hacker News” »

Hackers are exploiting a 5-year-old ShowDoc vulnerability (CVE-2025-0520) to deploy web shells, enabling RCE and full server takeover worldwide.  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI and More 

Operation PowerOFF identifies and warns 75K users of DDoS-for-hire services, nets 4 arrests, and seizes 53 domains in a Europol-led crackdown.  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI and More 

Grinex, a Kyrgyzstan-incorporated cryptocurrency exchange sanctioned by the U.K. and the U.S. last year, said it’s suspending operations after it blamed Western intelligence agencies for a $13.74 million hack. The exchange said it fell victim to what it described as a large-scale cyber attack that bore hallmarks of foreign intelligence agency involvement. This attack led … Read More “$13.74M Hack Shuts Down Sanctioned Grinex Exchange After Intelligence Claims  – The Hacker News” »

Threat actors are exploiting security flaws in TBK DVR and end‑of‑life (EoL) TP-Link Wi-Fi routers to deploy Mirai-botnet variants on compromised devices, according to findings from Fortinet FortiGuard Labs and Palo Alto Networks Unit 42. The attack targeting TBK DVR devices has been found to exploit CVE-2024-3721 (CVSS score: 6.3), a medium-severity command injection vulnerability … Read More “Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet  – The Hacker News” »

Founders can access liquidity without exiting by selling shares via secondary deals, reducing financial pressure while staying focused on long-term growth.  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI and More 

New research from Zimperium reveals four active Android malware campaigns, RecruitRat, SaferRat, Astrinox, and Massiv, targeting over 800 banking apps globally.  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI and More 

The race to quantum-proof the internet is underway as experts warn of “harvest now, decrypt later” risks and slow migration to post-quantum security.  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI and More 

Congress is grappling with renewal of a surveillance law set to expire at the end of this month that critics say is a mystery on how much of a difference it has made for controversial government spying authorities — for better or worse. The 2024 law reauthorized so-called Section 702 powers of the Foreign Intelligence … Read More “The surveillance law Congress can’t quit — and can’t explain  – CyberScoop” »

Cybersecurity researchers at Fortinet have discovered Nexcorium, a new Mirai-based malware targeting TBK DVR systems to turn them into a botnet for DDoS attacks.  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI and More 

Huntress is warning that threat actors are exploiting three recently disclosed security flaws in Microsoft Defender to gain elevated privileges in compromised systems. The activity involves the exploitation of three vulnerabilities that are codenamed BlueHammer (requires GitHub sign-in), RedSun, and UnDefend, all of which were released as zero-days by a researcher known as Chaotic Eclipse (  … Read More “Three Microsoft Defender Zero-Days Actively Exploited; Two Still Unpatched  – The Hacker News” »

Researchers at Darktrace have identified ZionSiphon, a new malware targeting Israeli water treatment plants. Learn how this OT-focused…  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI and More 

Google this week announced a new set of Play policy updates to strengthen user privacy and protect businesses against fraud, even as it revealed it blocked or removed over 8.3 billion ads globally and suspended 24.9 million accounts in 2025. The new policy updates relate to contact and location permissions in Android, allowing third-party apps … Read More “Google Blocks 8.3B Policy-Violating Ads in 2025, Launches Android 17 Privacy Overhaul  – The Hacker News” »

If you hold cryptocurrency, there’s a very simple golden rule that you should always follow. Never hand over your seed phrase. Garrett Dutton, better known as G. Love – the front man of blues-hip-hop outfit G. Love & Special Sauce – has learnt that lesson the hard way. Read more in my article on the … Read More “Singer loses life savings to fake wallet downloaded from the Apple App Store  – GRAHAM CLULEY” »

Hackers spread CGrabber and Direct-Sys malware through GitHub ZIP files, bypassing security tools to steal passwords, crypto wallets, and user data.  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI and More