Category: Attack Feeds

DeepSeek, the Chinese startup whose open-source large language model is causing panic among U.S. tech and AI companies this week, said it is having difficulty registering new users due to “large-scale malicious attacks” on its services. On Monday, the company’s website posted a banner note stating that it was temporarily pausing new registrations to deal with the issue. Screenshot of...

A critical vulnerability in Brave Browser allows malicious websites to appear as trusted sources during file uploads/downloads. Learn…  – Read More  – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News 

DeepSeek, a new China-backed AI platform, faces a cyberattack disrupting new user registrations. Learn about its rapid growth,…  – Read More  – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News 

Residents of Tbilisi, the capital city of Georgia, experienced an unexpected and unusual start to their Friday morning commute. As they boarded their public transport buses, they were greeted by a barrage of sound emanating from the vehicles’ speakers. Read more in my article on the Hot for Security blog.  – Read More  – Graham Cluley 

A conflux of open-source developers and application security companies has been embroiled in a complex debate after a recent change in the licensing policy of a widely used static code analysis tool, resulting in a faction of organizations creating a new, open-source rival.  The issue started with a recent change in the licensing policy of Semgrep, a popular static application...

Beware of a convincing Royal Mail SMS phishing scam asking for personal details and payment for re-delivery. Learn…  – Read More  – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News 

Welcome to your weekly cybersecurity scoop! Ever thought about how the same AI meant to protect our hospitals could also compromise them? This week, we’re breaking down the sophisticated world of AI-driven threats, key updates in regulations, and some urgent vulnerabilities in healthcare tech that need our attention. As we unpack these complex topics, we’ll equip you with sharp insights...

Critical security flaw in SonicWall SMA 1000 appliances (CVE-2025-23006) exploited as a zero-day. Rated CVSS 9.8, patch immediately…  – Read More  – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News 

The Open Web Application Security Project has recently introduced a new Top 10 project – the Non-Human Identity (NHI) Top 10. For years, OWASP has provided security professionals and developers with essential guidance and actionable frameworks through its Top 10 projects, including the widely used API and Web Application security lists.  Non-human identity security represents an emerging  – Read More ...

A previously unknown threat actor has been observed copying the tradecraft associated with the Kremlin-aligned Gamaredon hacking group in its cyber attacks targeting Russian-speaking entities. The campaign has been attributed to a threat cluster dubbed GamaCopy, which is assessed to share overlaps with another hacking group named Core Werewolf, also tracked as Awaken Likho and PseudoGamaredon.  – Read More  –...

Threat hunters have detailed an ongoing campaign that leverages a malware loader called MintsLoader to distribute secondary payloads such as the StealC information stealer and a legitimate open-source network computing platform called BOINC. “MintsLoader is a PowerShell based malware loader that has been seen delivered via spam emails with a link to Kongtuke/ClickFix pages or a JScript file,”  – Read...

Cary, North Carolina, 26th January 2025, CyberNewsWire  – Read More  – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News 

A high-severity security flaw has been disclosed in Meta’s Llama large language model (LLM) framework that, if successfully exploited, could allow an attacker to execute arbitrary code on the llama-stack inference server.  The vulnerability, tracked as CVE-2024-50050, has been assigned a CVSS score of 6.3 out of 10.0. Supply chain security firm Snyk, on the other hand, has assigned it...

UnitedHealth Group has confirmed that a ransomware attack targeted its subsidiary, Change Healthcare, in February 2024, impacting 190…  – Read More  – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News 

Cybersecurity researchers discovered 270,000+ lines of American National Insurance customer data leaked online, potentially linked to the 2023…  – Read More  – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News 

US prosecutors charged five, including North Koreans, for tricking firms into hiring fake IT workers, sending $866K+ to…  – Read More  – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News 

Crooks pwning crooks – Hackers exploit script kiddies with XWorm RAT, compromising 18,000+ devices globally and stealing sensitive…  – Read More  – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News 

A group of academics has disclosed details of over 100 security vulnerabilities impacting LTE and 5G implementations that could be exploited by an attacker to disrupt access to service and even gain a foothold into the cellular core network. The 119 vulnerabilities, assigned 97 unique CVE identifiers, span seven LTE implementations – Open5GS, Magma, OpenAirInterface, Athonet, SD-Core, NextEPC,  – Read...

The modern workplace has undergone a seismic transformation over recent years, with hybrid work becoming the norm and businesses rapidly adopting cloud-based Software-as-a-Service (SaaS) applications to facilitate it. SaaS applications like Microsoft 365 and Google Workspace have now become the backbone of business operations, enabling seamless collaboration and productivity. However, this  – Read More  – The Hacker News 

The U.S. Department of Justice (DoJ) on Thursday indicted two North Korean nationals, a Mexican national, and two of its own citizens for their alleged involvement in the ongoing fraudulent information technology (IT) worker scheme that seeks to generate revenue for the Democratic People’s Republic of Korea (DPRK) in violation of international sanctions. The action targets Jin Sung-Il (진성일), Pak ...

The Turkish government is proposing a controversial new cybersecurity law that could make it a criminal act to report on data breaches. But might it stifle journalism and free speech? Read more in my article on the Tripwire State of Security blog.  – Read More  – Graham Cluley 

Google has launched a new feature called Identity Check for supported Android devices that locks sensitive settings behind biometric authentication when outside of trusted locations. “When you turn on Identity Check, your device will require explicit biometric authentication to access certain sensitive resources when you’re outside of trusted locations,” Google said in a post announcing the  – Read More  –...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday placed a now-patched security flaw impacting the popular jQuery JavaScript library to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The medium-severity vulnerability is CVE-2020-11023 (CVSS score: 6.1/6.9), a nearly five-year-old cross-site scripting (XSS) bug that could be  – Read More  – The Hacker News 

Welcome to the third and final day of Pwn2Own Automotive 2025. Over the past two days, we have awarded $718,250 for 39 unique 0-days. Sina Kheirkhah has a commanding lead for Master of Pwn, but anything can happen. Here’s a look at today’s results… SUCCESS – Sina Kheirkhah (@SinSinology) of Summoning Team (@SummoningTeam) used a single bug to exploit the...

A critical security flaw has been identified and potentially exploited in SonicWall’s Secure Mobile Access (SMA) 1000 series appliances, sparking significant concern among cybersecurity experts and users worldwide.  The vulnerability, registered as CVE-2025-23006, allows remote, unauthenticated attackers to execute arbitrary operating system commands under certain conditions. The issue specifically impacts the Appliance Management Console (AMC) and Central Management Console (CMC)...

Cybersecurity firm ESET uncovers PlushDaemon, a previously unknown APT group targeting South Korea, deploying a SlowStepper backdoor. This…  – Read More  – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News 

The U.S. government delivered another blow to North Korea’s fake IT worker scheme Thursday, with the Department of Justice announcing indictments against five men for fraudulently obtaining remote credentials to work with American companies and generate revenue for Pyongyang. The indictments of North Korean nationals Jin Sung-Il and Pak Jin-Song, Mexican national Pedro Ernesto Alonso De Los Reyes, and U.S....

HackerOne CEO Kara Sprague explores how the modern CISO can face mounting pressures in cybersecurity.  – Read More  – HackerOne 

Abnormal Security uncovers GhostGPT, an uncensored AI chatbot built for cybercrime. Learn how it boosts cybercriminals’ abilities, makes…  – Read More  – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News 

Enterprise-grade Juniper Networks routers have become the target of a custom backdoor as part of a campaign dubbed J-magic. According to the Black Lotus Labs team at Lumen Technologies, the activity is so named for the fact that the backdoor continuously monitors for a “magic packet” sent by the threat actor in TCP traffic.  “J-magic campaign marks the rare occasion...

Researchers at Black Lotus Labs have uncovered an operation where a back door is dropped onto enterprise-grade Juniper Networks routers and listens for specific network signals, known as “magic packets,” to execute malicious commands.  The campaign, which researchers at the cybersecurity wing of Lumen Technologies refer to as “J-Magic,” was active between mid-2023 and mid-2024. The malware uses a custom...

Cybersecurity researchers are calling attention to a new malware campaign that leverages fake CAPTCHA verification checks to deliver the infamous Lumma information stealer. “The campaign is global, with Netskope Threat Labs tracking victims targeted in Argentina, Colombia, the United States, the Philippines, and other countries around the world,” Leandro Fróes, senior threat research engineer at  – Read More  – The...

An exhaustive evaluation of three firewall models from Palo Alto Networks has uncovered a host of known security flaws impacting the devices’ firmware as well as misconfigured security features. “These weren’t obscure, corner-case vulnerabilities,” security vendor Eclypsium said in a report shared with The Hacker News. “Instead these were very well-known issues that we wouldn’t expect to see  – Read...

An analysis of HellCat and Morpheus ransomware operations has revealed that affiliates associated with the respective cybercrime entities are using identical code for their ransomware payloads. The findings come from SentinelOne, which analyzed artifacts uploaded to the VirusTotal malware scanning platform by the same submitter towards the end of December 2024. “These two payload samples are  – Read More  –...

ChatGPT Outage: Service Down on Jan 23, 2025. Learn about the potential causes (DDoS or technical glitch) and…  – Read More  – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News 

Are your websites leaking sensitive data? New research reveals that 45% of third-party apps access user info without proper authorization, and 53% of risk exposures in Retail are due to the excessive use of tracking tools. Learn how to uncover and mitigate these hidden threats and risks—download the full report here. New research by web exposure management specialist Reflectiz reveals...

SonicWall is alerting customers of a critical security flaw impacting its Secure Mobile Access (SMA) 1000 Series appliances that it said has been likely exploited in the wild as a zero-day. The vulnerability, tracked as CVE-2025-23006, is rated 9.8 out of a maximum of 10.0 on the CVSS scoring system. “Pre-authentication deserialization of untrusted data vulnerability has been identified in...

Despite significant investments in advanced technologies and employee training programs, credential and user-based attacks remain alarmingly prevalent, accounting for 50-80% of enterprise breaches[1],[2]. While identity-based attacks continue to dominate as the leading cause of security incidents, the common approach to identity security threats is still threat reduction, implementing layers of  – Read More  – The Hacker News 

Cybersecurity researchers have disclosed details of a new BackConnect (BC) malware that has been developed by threat actors linked to the infamous QakBot loader. “BackConnect is a common feature or module utilized by threat actors to maintain persistence and perform tasks,” Walmart’s Cyber Intelligence team told The Hacker News. “The BackConnect(s) in use were ‘DarkVNC’ alongside the IcedID  – Read...

Cisco has released software updates to address a critical security flaw impacting Meeting Management that could permit a remote, authenticated attacker to gain administrator privileges on susceptible instances. The vulnerability, tracked as CVE-2025-20156, carries a CVSS score of 9.9 out 10.0. It has been described as a privilege escalation flaw in the REST API of Cisco Meeting Management. “This  –...

Google on Wednesday shed light on a financially motivated threat actor named TRIPLESTRENGTH for its opportunistic targeting of cloud environments for cryptojacking and on-premise ransomware attacks. “This actor engaged in a variety of threat activity, including cryptocurrency mining operations on hijacked cloud resources and ransomware activity,” the tech giant’s cloud division said in its 11th  – Read More  – The...

Welcome to the second day of Pwn2Own Automotive 2025. Yesterday, we awarded more than $380,000 for 16 unique 0-days – and we had several bug collisions as well. Today looks to be even better, with the WOLFBOX and Tesla EV chargers making their Pwn2Own debut. Here’s how the Master of Pwn standings look at the beginning of Day Two: We’ll...

An Italian hacker makes the grade and ends up in choppy waters, and hear true stories of title deed transfer scams. All this and more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault. Plus – don’t miss our featured interview with Avery Pennarun of Tailscale.  – Read...

CloudSEK uncovers a Zendesk vulnerability allowing cybercriminals to exploit subdomains for phishing and investment scams. Learn about the…  – Read More  – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News 

The top Democrat on the House Homeland Security Committee and a number of cyber professionals on Wednesday lamented the Trump administration’s decision to purge a cyber incident investigation board of its membership. But the move had some supporters, including the chairman of that same committee. Acting Department of Homeland Security Secretary Benjamine Huffman issued a memorandum Monday that strips all...

A U.S. appeals court has vacated the initial sentence given to Conor Brian Fitzpatrick, who pleaded guilty in 2023 for charges related to his work as founder of the notorious BreachForums website. The appeal, filed by the U.S. government, signals that a new sentence could be much more harsh than the one initially issued last year.  Fitzpatrick, operating under the...

A vulnerability in ChatGPT’s API can generate DDoS attacks against targeted websites, but the security researcher who discovered it says the flaw has since been addressed by OpenAI. In a security advisory posted to the developer platform GitHub, German security researcher Benjamin Flesch detailed the bug, which occurs when the API is processing HTTP POST requests to the back-end server....

Cloudflare mitigates a record-breaking 5.6 Tbps DDoS attack, highlighting the growing threat of hyper-volumetric assaults. Learn about the…  – Read More  – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News 

Web infrastructure and security company Cloudflare says it detected the biggest Distributed Denial-of-Service (DDoS) attack ever recorded, a 5.6 terabits per second (Tbps) attack directed at an internet service provider (ISP) in Eastern Asia. Despite the staggering volume of the attack, Cloudflare successfully managed and mitigated it without human intervention. The company said in research released Tuesday that the attack,...