Category: Attack Feeds

Internet users in Romania are finding their social media posts and online news articles bombarded with comments promoting blatant propaganda, inciting hatred towards the EU and NATO, and support for Vladimir Putin’s Russia. Read more in my article on the Hot for Security blog.  – Read More  – Graham Cluley 

Google has shipped patches for 62 vulnerabilities, two of which it said have been exploited in the wild. The two high-severity vulnerabilities are listed below – CVE-2024-53150 (CVSS score: 7.8) – An out-of-bounds flaw in the USB sub-component of Kernel that could result in information disclosure CVE-2024-53197 (CVSS score: 7.8) – A privilege escalation flaw in the USB sub-component of...

Google has built a cybersecurity assistant for information security professionals, and now they’re looking for researchers to play with it. Sec Gemini V1 is a new cybersecurity AI reasoning model that Google rolled out last week on an experimental basis. It is designed to function as an AI assistant for security practitioners, capable of handling data analysis and other lower-level...

Google has built a cybersecurity assistant for information security professionals, and now they’re looking for researchers to play with it. Sec Gemini V1 is a new cybersecurity AI reasoning model that Google rolled out last week on an experimental basis. It is designed to function as an AI assistant for security practitioners, capable of handling data analysis and other lower-level...

A new Neptune RAT variant is being shared via YouTube and Telegram, targeting Windows users to steal passwords and deliver additional malware components.  – Read More  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News 

USA secures extradition of criminals from 9 countries, including two brothers behind Rydox, a dark web market for stolen data and hacking tools.  – Read More  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News 

Cybersecurity agencies from Australia, Canada, New Zealand, and the United States have published a joint advisory about the risks associated with a technique called fast flux that has been adopted by threat actors to obscure a command-and-control (C2) channel. “‘Fast flux’ is a technique used to obfuscate the locations of malicious servers through rapidly changing Domain Name System (DNS)  –...

New Xanthorox AI hacking platform spotted on dark web with modular tools, offline mode, and advanced voice, image, and code-based cyberattack features.  – Read More  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News 

Austin, TX, USA, 7th April 2025, CyberNewsWire  – Read More  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News 

Today, every unpatched system, leaked password, and overlooked plugin is a doorway for attackers. Supply chains stretch deep into the code we trust, and malware hides not just in shady apps — but in job offers, hardware, and cloud services we rely on every day. Hackers don’t need sophisticated exploits anymore. Sometimes, your credentials and a little social engineering are...

A Florida man, linked to the notorious Scattered Spider hacking gang, has pleaded guilty to charges related to cryptocurrency thefts which have netted hundreds of thousands of dollars. Read more in my article on the Hot for Security blog.  – Read More  – Graham Cluley 

After more than 25 years of mitigating risks, ensuring compliance, and building robust security programs for Fortune 500 companies, I’ve learned that looking busy isn’t the same as being secure.  It’s an easy trap for busy cybersecurity leaders to fall into. We rely on metrics that tell a story of the tremendous efforts we’re expending – how many vulnerabilities we...

A malicious campaign dubbed PoisonSeed is leveraging compromised credentials associated with customer relationship management (CRM) tools and bulk email providers to send spam messages containing cryptocurrency seed phrases in an attempt to drain victims’ digital wallets. “Recipients of the bulk spam are targeted with a cryptocurrency seed phrase poisoning attack,” Silent Push said in an  – Read More  – The...

A likely lone wolf actor behind the EncryptHub persona was acknowledged by Microsoft for discovering and reporting two security flaws in Windows last month, painting a picture of a “conflicted” individual straddling a legitimate career in cybersecurity and pursuing cybercrime. In a new extensive analysis published by Outpost24 KrakenLabs, the Swedish security company unmasked the up-and-coming  – Read More  –...

The North Korean threat actors behind the ongoing Contagious Interview campaign are spreading their tentacles on the npm ecosystem by publishing more malicious packages that deliver the BeaverTail malware, as well as a new remote access trojan (RAT) loader. “These latest samples employ hexadecimal string encoding to evade automated detection systems and manual code audits, signaling a variation  – Read...

Cybersecurity researchers have uncovered malicious libraries in the Python Package Index (PyPI) repository that are designed to steal sensitive information. Two of the packages, bitcoinlibdbfix and bitcoinlib-dev, masquerade as fixes for recent issues detected in a legitimate Python module called bitcoinlib, according to ReversingLabs. A third package discovered by Socket, disgrasya, contained a  – Read More  – The Hacker News 

A bipartisan pair of senators is taking another shot at their bill to expand the U.S. Secret Service’s investigative powers for financial cybercrime probes. The Combatting Money Laundering in Cyber Crime Act from Sens. Catherine Cortez Masto, D-Nev., and Chuck Grassley, R-Iowa, would update federal law to strengthen the Secret Service’s authority, enabling the agency to look into criminal activity...

A Minnesota cybersecurity and computer forensics expert whose testimony has featured in thousands of courtroom trials over the past 30 years is facing questions about his credentials and an inquiry from the Federal Bureau of Investigation (FBI). Legal experts say the inquiry could be grounds to reopen a number of adjudicated cases in which the expert’s testimony may have been...

Crypto software wallets are invincible in the micro range. If you own multiple crypto assets, you need safe and reliable wallets, too.  – Read More  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News 

The post Trump fires Gen. Timothy Haugh from leadership of Cyber Command and NSA appeared first on CyberScoop.   – Read More  – CyberScoop 

The cascading supply chain attack that initially targeted Coinbase before becoming more widespread to single out users of the “tj-actions/changed-files” GitHub Action has been traced further back to the theft of a personal access token (PAT) related to SpotBugs. “The attackers obtained initial access by taking advantage of the GitHub Actions workflow of SpotBugs, a popular open-source tool for  –...

NSA and global cybersecurity agencies warn fast flux DNS tactic is a growing national security threat used in phishing, botnets, and ransomware.  – Read More  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News 

There’s a virtuous cycle in technology that pushes the boundaries of what’s being built and how it’s being used. A new technology development emerges and captures the world’s attention. People start experimenting and discover novel applications, use cases, and approaches to maximize the innovation’s potential. These use cases generate significant value, fueling demand for the next iteration of  – Read...

A novice cybercrime actor has been observed leveraging the services of a Russian bulletproof hosting (BPH) provider called Proton66 to facilitate their operations. The findings come from DomainTools, which detected the activity after it discovered a phony website named cybersecureprotect[.]com hosted on Proton66 that masqueraded as an antivirus service. The threat intelligence firm said it  – Read More  – The...

Ivanti has disclosed details of a now-patched critical security vulnerability impacting its Connect Secure that has come under active exploitation in the wild. The vulnerability, tracked as CVE-2025-22457 (CVSS score: 9.0), concerns a case of a stack-based buffer overflow that could be exploited to execute arbitrary code on affected systems. “A stack-based buffer overflow in Ivanti Connect  – Read More ...

A maximum severity security vulnerability has been disclosed in Apache Parquet’s Java Library that, if successfully exploited, could allow a remote attacker to execute arbitrary code on susceptible instances. Apache Parquet is a free and open-source columnar data file format that’s designed for efficient data processing and retrieval, providing support for complex data, high-performance  – Read More  – The Hacker...

The Computer Emergency Response Team of Ukraine (CERT-UA) has revealed that no less than three cyber attacks were recorded against state administration bodies and critical infrastructure facilities in the country with an aim to steal sensitive data. The campaign, the agency said, involved the use of compromised email accounts to send phishing messages containing links pointing to legitimate  – Read...

Ivanti customers are confronting another string of attacks linked to an actively exploited vulnerability in the company’s VPN products. Mandiant said a nation-state backed espionage group linked to China has been exploiting the critical vulnerability, CVE-2025-22457, since mid-March. The threat group, which Google Threat Intelligence Group tracks as UNC5221, has a knack for exploiting Ivanti products and has successfully —...

This article has been updated with a statement from a Twilio spokesperson in response to Hackread.com’s request.  – Read More  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News 

International intelligence and cybersecurity agencies jointly issued a warning Thursday about “fast flux,” an advanced technique used by cybercriminals and state-sponsored actors to evade detection and maintain resilient command and control infrastructure. Fast flux involves rapidly changing or swapping out IP addresses linked to a particular domain. These quick changes render malicious activity nearly invisible to defensive measures. When fast...

International intelligence and cybersecurity agencies jointly issued a warning Thursday about “fast flux,” an advanced technique used by cybercriminals and state-sponsored actors to evade detection and maintain resilient command and control infrastructure. Fast flux involves rapidly changing or swapping out IP addresses linked to a particular domain. These quick changes render malicious activity nearly invisible to defensive measures. When fast...

Microsoft is warning of several phishing campaigns that are leveraging tax-related themes to deploy malware and steal credentials. “These campaigns notably use redirection methods such as URL shorteners and QR codes contained in malicious attachments and abuse legitimate services like file-hosting services and business profile pages to avoid detection,” Microsoft said in a report shared with The  – Read More ...

Cybersecurity researchers at Jscamblers have uncovered a sophisticated web-skimming campaign targeting online retailers. The campaign utilizes a legacy…  – Read More  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News 

HellCat – the ransomware gang that has been known to demand payment… in baguettes! Are they rolling in the dough? Bread it and weep in my article on the Tripwire State of Security blog.  – Read More  – Graham Cluley 

Jacksonville, United States, 3rd April 2025, CyberNewsWire  – Read More  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News 

The North Korean threat actors behind Contagious Interview have adopted the increasingly popular ClickFix social engineering tactic to lure job seekers in the cryptocurrency sector to deliver a previously undocumented Go-based backdoor called GolangGhost on Windows and macOS systems. The new activity, assessed to be a continuation of the campaign, has been codenamed ClickFake Interview by  – Read More  –...

Cybersecurity researcher Jeremiah Fowler uncovers a massive 47.8GB database with disturbing AI-generated content belonging to GenNomis.  – Read More  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News 

The rules have changed. Again. Artificial intelligence is bringing powerful new tools to businesses. But it’s also giving cybercriminals smarter ways to attack. They’re moving quicker, targeting more precisely, and slipping past old defenses without being noticed. And here’s the harsh truth: If your security strategy hasn’t evolved with AI in mind, you’re already behind. But you’re not alone—and  –...

AI holds the promise to revolutionize all sectors of enterpriseーfrom fraud detection and content personalization to customer service and security operations. Yet, despite its potential, implementation often stalls behind a wall of security, legal, and compliance hurdles. Imagine this all-too-familiar scenario: A CISO wants to deploy an AI-driven SOC to handle the overwhelming volume of security  – Read More  –...

Cybersecurity researchers have disclosed details of a new vulnerability impacting Google’s Quick Share data transfer utility for Windows that could be exploited to achieve a denial-of-service (DoS) or send arbitrary files to a target’s device without their approval. The flaw, tracked as CVE-2024-10668 (CVSS score: 5.9), is a bypass for two of the 10 shortcomings that were originally disclosed by ...

Counterfeit versions of popular smartphone models that are sold at reduced prices have been found to be preloaded with a modified version of an Android malware called Triada. “More than 2,600 users in different countries have encountered the new version of Triada, the majority in Russia,” Kaspersky said in a report. The infections were recorded between March 13 and 27,...

In one of the largest coordinated law enforcement operations, authorities have dismantled Kidflix, a streaming platform that offered child sexual abuse material (CSAM). “A total of 1.8 million users worldwide logged on to the platform between April 2022 and March 2025,” Europol said in a statement. “On March 11, 2025, the server, which contained around 72,000 videos at the time,...

Threat hunters are warning of a sophisticated web skimmer campaign that leverages a legacy application programming interface (API) from payment processor Stripe to validate stolen payment information prior to exfiltration. “This tactic ensures that only valid card data is sent to the attackers, making the operation more efficient and potentially harder to detect,” Jscrambler researchers Pedro  – Read More  –...

The Growing Threat of Digital Identity Theft Identity theft is a continuous online threat that lurks behind every…  – Read More  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News 

Accidentally deleted some photos from your iPhone? You’re definitely not alone; most iPhone users have done it at…  – Read More  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News 

Renowned cybersecurity expert Troy Hunt falls victim to a phishing attack, resulting in the exposure of thousands of subscriber details, and don’t lose your life savings in a whisky scam… All this and more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Plus! Don’t miss our featured interview with...

Leaders of a key House subcommittee criticized the Trump administration’s personnel cuts at the Cybersecurity and Infrastructure Security Agency on Wednesday, with its chairman saying he wants CISA to take on more responsibilities, not less — some of which figure into his legislative priorities. Rep. Andrew Garbarino, the New York Republican who chairs the House Homeland Security Subcommittee on Cybersecurity...