Category: Attack Feeds

Imagine a world where hackers don’t sleep, don’t take breaks, and find weak spots in your systems instantly. Well, that world is already here. Thanks to AI, attackers are now launching automated, large-scale exploits faster than ever before. The time you have to fix a vulnerability before it gets attacked is shrinking to zero. We … Read More “[Webinar] Mythos Reality Check: Beating Automated Exploitation at AI Speed  – The Hacker News” »

Cybersecurity researchers at Forcepoint uncover new indirect prompt injection attacks that use hidden website code to exploit AI assistants like GitHub Copilot.  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI and More 

Apple has rolled out a software fix for iOS and iPadOS to address a Notification Services flaw that stored notifications marked for deletion on the device. The vulnerability, tracked as CVE-2026-28950 (CVSS score: N/A), has been described as a logging issue that has been addressed with improved data redaction. “Notifications marked for deletion could be … Read More “Apple Patches iOS Flaw That Stored Deleted Signal Notifications in FBI Forensic Case  – The Hacker News” »

Vercel on Wednesday revealed that it has identified an additional set of customer accounts that were compromised as part of a security incident that enabled unauthorized access to its internal systems. The company said it made the discovery after expanding its investigation to include an extra set of compromise indicators, alongside a review of requests … Read More “Vercel Finds More Compromised Accounts in Context.ai-Linked Breach  – The Hacker News” »

Mongolian governmental institutions have emerged as the target of a previously undocumented China-aligned advanced persistent threat (APT) group tracked as GopherWhisper. “The group wields a wide array of tools mostly written in Go, using injectors and loaders to deploy and execute various backdoors in its arsenal,” Slovakian cybersecurity company ESET said in a report shared … Read More “China-Linked GopherWhisper Infects 12 Mongolian Government Systems with Go Backdoors  – The Hacker News” »

A company that ran anonymous tip lines for 35,000 American schools – handling reports of bullying, weapons, and self-harm – boasted on its website that it had suffered zero security breaches in over 20 years. A hacker called Internet Yiff Machine thought that sounded like a challenge, with predictable results… Meanwhile, Rockstar Games gets hacked … Read More “Smashing Security podcast #464: Rockstar got hacked. The data was junk. The secrets it revealed were not  – GRAHAM CLULEY” »

Anthropic is investigating a vendor breach after a Discord-linked group accessed its Claude Mythos AI model, with no evidence of impact on core systems.  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI and More 

House Republicans unveiled on Wednesday Congress’ latest effort to tackle comprehensive digital privacy legislation for Americans. The Secure Data Act would allow consumers to opt out of data collection for individual businesses for the purposes of targeted advertising, selling to third parties or for use in automated decisionmaking. It would also require companies to inform … Read More “House Republicans roll out national privacy bill  – CyberScoop” »

Sean Plankey, the long-sidelined nominee to lead the Cybersecurity and Infrastructure Security Agency, asked President Donald Trump on Wednesday to withdraw his nomination. “At this point in time, I am asking the President to remove my nomination from consideration,” he said in a notification letter seen by CyberScoop. “After thirteen months since my initial nomination, it … Read More “CISA director pick Sean Plankey withdraws his nomination  – CyberScoop” »

Cybersecurity researchers have warned of malicious images pushed to the official “checkmarx/kics” Docker Hub repository. In an alert published today, software supply chain security company Socket revealed that unknown threat actors managed to have overwritten existing tags, including v2.1.20 and alpine, while also introducing a new v2.1.21 tag that does not correspond to an official … Read More “Malicious KICS Docker Images and VS Code Extensions Hit Checkmarx Supply Chain  – The Hacker News” »

Cybersecurity researchers have flagged a fresh set of packages that have been compromised by bad actors to deliver a self-propagating worm that spreads through stolen developer npm tokens. The supply chain worm has been detected by both Socket and StepSecurity, with the companies tracking the activity under the name CanisterSprawl owing to the use of … Read More “Self-Propagating Supply Chain Worm Hijacks npm Packages to Steal Developer Tokens  – The Hacker News” »

Compare Broadcom TDM and K2view across architecture, integration, masking, and scalability to find the right test data management solution for your needs.  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI and More 

The threat actor known as Harvester has been attributed to a new Linux version of its GoGra backdoor deployed as part of attacks likely targeting entities in South Asia. “The malware uses the legitimate Microsoft Graph API and Outlook mailboxes as a covert command-and-control (C2) channel, allowing it to bypass traditional perimeter network defenses,” the … Read More “Harvester Deploys Linux GoGra Backdoor in South Asia Using Microsoft Graph API  – The Hacker News” »

The Supreme Court will hear oral arguments Monday in a case that could limit the government’s ability to obtain bulk digital data of device users with a single warrant, in a rare instance of the country’s top justices taking on digital rights. Chatrie v. The United States is the first major Fourth Amendment case the … Read More “The Supreme Court is about to decide how far geofence warrants can go  – CyberScoop” »

Bluesky is back online after a roughly 24-hour DDoS attack disrupted services, with the Iran-linked 313 Team claiming responsibility and no data breach reported.  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI and More 

Acronis reveals Mustang Panda is using a new LOTUSLITE backdoor to target Indian banks and Korean diplomats. Learn how this DLL sideloading attack works.  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI and More 

On January 31, 2026, researchers disclosed that Moltbook, a social network built for AI agents, had left its database wide open, exposing 35,000 email addresses and 1.5 million agent API tokens across 770,000 active agents. The more worrying part sat inside the private messages. Some of those conversations held plaintext third-party credentials, including OpenAI API … Read More “Toxic Combinations: When Cross-App Permissions Stack into Risk  – The Hacker News” »

Cybersecurity researchers have discovered a previously undocumented data wiper that has been used in attacks targeting Venezuela at the end of last year and the start of 2026. Dubbed Lotus Wiper, the novel file wiper has been used in a destructive campaign targeting the energy and utilities sector in Venezuela, per findings from Kaspersky. “Two … Read More “Lotus Wiper Malware Targets Venezuelan Energy Systems in Destructive Attack  – The Hacker News” »

Microsoft has released out-of-band updates to address a security vulnerability in ASP.NET Core that could allow an attacker to escalate privileges. The vulnerability, tracked as CVE-2026-40372, carries a CVSS score of 9.1 out of 10.0. It’s rated Important in severity. An anonymous researcher has been credited with discovering and reporting the flaw. “Improper verification of … Read More “Microsoft Patches Critical ASP.NET Core CVE-2026-40372 Privilege Escalation Bug  – The Hacker News” »

Many security leaders are still operating with frameworks built for a different era. For years, success was measured by fixed checkpoints, such as passing audits, closing vulnerabilities, and maintaining compliance. Those markers still have value, but they were designed for a threat landscape that moved in predictable, linear ways. Today, that landscape is shifting in … Read More “The AI era demands a different kind of CISO  – CyberScoop” »

A critical security vulnerability has been disclosed in a Python-based sandbox called Terrarium that could result in arbitrary code execution. The vulnerability, tracked as CVE-2026-5752, is rated 9.3 on the CVSS scoring system. “Sandbox escape vulnerability in Terrarium allows arbitrary code execution with root privileges on a host process via JavaScript prototype chain traversal,” according … Read More “Cohere AI Terrarium Sandbox Flaw Enables Root Code Execution, Container Escape  – The Hacker News” »

Cybersecurity researchers have discovered a new variant of a known malware called LOTUSLITE that’s distributed via a theme related to India’s banking sector. “The backdoor communicates with a dynamic DNS-based command-and-control server over HTTPS and supports remote shell access, file operations, and session management, indicating a continued espionage-focused capability set rather than  – Read More  … Read More “Mustang Panda’s New LOTUSLITE Variant Targets India Banks, South Korea Policy Circles  – The Hacker News” »

2Apply’s over-collection of personal information adds to the power of the real estate industry in the competitive rental market, Carly Kind says Follow our Australia news live blog for latest updates Get our breaking news email, free app or daily news podcast An online rental platform has been urged to stop collecting users’ personal information … Read More “Rental platform unnecessarily collected the data of millions of Australians, privacy commissioner finds  – Data and computer security | The Guardian” »

A South Florida man pleaded guilty to conspiring with multiple ransomware affiliates to commit attacks against and extort payments from the same U.S. companies he represented as a ransomware negotiator for DigitalMint in 2023, the Justice Department said Monday. Angelo John Martino III shared confidential information about victim organizations’ internal negotiating positions and insurance policy … Read More “Former DigitalMint ransomware negotiator pleads guilty to extortion scheme  – CyberScoop” »

Threat actors associated with The Gentlemen ransomware‑as‑a‑service (RaaS) operation have been observed attempting to deploy a known proxy malware called SystemBC. According to new research published by Check Point, the command-and-control (C2 or C&C) server linked to SystemBC has led to the discovery of a botnet of more than 1,570 victims. “SystemBC establishes SOCKS5 network … Read More “SystemBC C2 Server Reveals 1,570+ Victims in The Gentlemen Ransomware Operation  – The Hacker News” »

Microsoft vulnerabilities fall, but critical flaws double, BeyondTrust report highlights rising risk in Microsoft Office, Azure, and cloud systems.  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI and More 

Lawmakers at a hearing Tuesday explored ways to beef up punishments for ransomware attacks against hospitals, possibly by labeling them as more severe crimes. One proposal floated at the House Homeland Security Committee hearing, to treat ransomware attacks as terrorism, is an idea Congress has flirted with before. Another would be to press prosecutors to … Read More “Lawmakers ponder terrorism designations, homicide charges over hospital ransomware attacks  – CyberScoop” »

A core leader of the hacker subset of The Com responsible for a series of high-profile phishing attacks and cryptocurrency thefts from September 2021 to April 2023 pleaded guilty to federal charges, the Justice Department said Friday.  Tyler Robert Buchanan of Dundee, Scotland, pleaded guilty to conspiracy to commit wire fraud and aggravated identity theft. … Read More “Scottish man pleads guilty to attack spree that created Scattered Spider’s notoriety  – CyberScoop” »

A third individual who was employed as a ransomware negotiator has pleaded guilty to conducting ransomware attacks against U.S. companies in 2023. Angelo Martino, 41, of Land O’Lakes, Florida, teamed up with the operators of the BlackCat ransomware starting in April 2023 to assist the e-crime gang in extracting higher amounts as ransoms. “Working as … Read More “Ransomware Negotiator Pleads Guilty to Aiding BlackCat Attacks in 2023  – The Hacker News” »

A 24-year-old British national and senior member of the cybercrime group “Scattered Spider” has pleaded guilty to wire fraud conspiracy and aggravated identity theft. Tyler Robert Buchanan admitted his role in a series of text-message phishing attacks in the summer of 2022 that allowed the group to hack into at least a dozen major technology … Read More “‘Scattered Spider’ Member ‘Tylerb’ Pleads Guilty  – Krebs on Security” »

Cybersecurity researchers have identified 22 new vulnerabilities in popular models of serial-to-IP converters from Lantronix and Silex that could be exploited to hijack susceptible devices and tamper with data exchanged by them. The vulnerabilities have been collectively codenamed BRIDGE:BREAK by Forescout Research Vedere Labs, which identified nearly 20,000 Serial-to-Ethernet converters exposed  – Read More  – … Read More “22 BRIDGE:BREAK Flaws Expose 20,000 Lantronix and Silex Serial-to-IP Converters  – The Hacker News” »

Washington D.C., USA, 21st April 2026, CyberNewswire  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI and More 

New York, United States, 21st April 2026, CyberNewswire  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI and More 

Security teams often present MTTR as an internal KPI. Leadership sees it differently: every hour a threat dwells inside the environment is an hour of potential data exfiltration, service disruption, regulatory exposure, and brand damage.  The root cause of slow MTTR is almost never “not enough analysts.” It is almost always the same structural problem: … Read More “5 Places where Mature SOCs Keep MTTR Fast and Others Waste Time  – The Hacker News” »

Grinex exchange collapses after $13.7M breach, blames Western spies as Chainalysis flags possible exit scam and sanctions evasion network links claims.  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI and More 

Threat Intel Scraping sounds simple until it isn’t, here’s how cybersecurity teams avoid blocks, bad data, and unnecessary risk.  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI and More 

Cybersecurity researchers have discovered a vulnerability in Google’s agentic integrated development environment (IDE), Antigravity, that could be exploited to achieve code execution. The flaw, since patched, combines Antigravity’s permitted file-creation capabilities with an insufficient input sanitization in Antigravity’s native file-searching tool, find_by_name, to bypass the program’s Strict  – Read More  – The Hacker News 

Cybersecurity researchers have discovered a new iteration of an Android malware family calledNGate that has been found to abuse a legitimate application called HandyPay instead of NFCGate. “The threat actors took the app, which is used to relay NFC data, and patched it with malicious code that appears to have been AI-generated,” ESET security researcher Lukáš … Read More “NGate Campaign Targets Brazil, Trojanizes HandyPay to Steal NFC Data and PINs  – The Hacker News” »

The cybersecurity industry has spent the last several years chasing sophisticated threats like zero-days, supply chain compromises, and AI-generated exploits. However, the most reliable entry point for attackers still hasn’t changed: stolen credentials. Identity-based attacks remain a dominant initial access vector in breaches today. Attackers obtain valid credentials through credential stuffing  – Read More  – … Read More “No Exploit Needed: How Attackers Walk Through the Front Door via Identity-Based Attacks  – The Hacker News” »

Mythos matters. It is a significant step forward in AI-assisted vulnerability discovery. But it does not mean cybersecurity changed overnight, nor does it mean enterprises are suddenly facing fully automated exploitation at internet scale tomorrow. It does mean the offensive side of AI is continuing to improve. The defensive side needs to catch up now. … Read More “Mythos can find the vulnerability. It can’t tell you what to do about it.  – CyberScoop” »

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added eight new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, including three flaws impacting Cisco Catalyst SD-WAN Manager, citing evidence of active exploitation. The list of vulnerabilities is as follows – CVE-2023-27351 (CVSS score: 8.2) – An improper authentication vulnerability in PaperCut  – Read … Read More “CISA Adds 8 Exploited Flaws to KEV, Sets April-May 2026 Federal Deadlines  – The Hacker News” »

Vercel confirms a breach linked to Context.ai as a hacker lists alleged data for $2M. ShinyHunters denies involvement and flags imposters.  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI and More 

The Federal Trade Commission is poised to deepen its involvement in curbing the use of AI for malicious purposes, including the spread of nonconsensual sexualized deepfakes and voice cloning scams. Last year, Congress passed the Take It Down Act, a law that allowed for criminal prosecution of individuals who share or distribute nonconsensual, intimate images … Read More “The FTC’s AI portfolio is about to get bigger  – CyberScoop” »

As organizations consider agentic AI for their business and IT stacks, researchers continue to find bugs and vulnerabilities in major, commercial models  that can significantly expand their attack surface. This week, researchers at Pillar Security disclosed a vulnerability in Antigravity, an AI-powered developer tool for filesystem operations made by Google. The bug, since patched, combined … Read More “Vuln in Google’s Antigravity AI agent manager could escape sandbox, give attackers remote code execution  – CyberScoop” »

Vercel customers are at risk of compromise after an attacker hopped through multiple internal systems to steal credentials and other sensitive data, the company said in a security bulletin Sunday.  The attack, which didn’t originate at Vercel, showcases the pitfalls of interconnected cloud applications and SaaS integrations with overly privileged permissions.  An attacker traversed third-party … Read More “Vercel’s security breach started with malware disguised as Roblox cheats  – CyberScoop” »

A critical security vulnerability has been disclosed in SGLang that, if successfully exploited, could result in remote code execution on susceptible systems. The vulnerability, tracked as CVE-2026-5760, carries a CVSS score of 9.8 out of 10.0. It has been described as a case of command injection leading to the execution of arbitrary code. SGLang is … Read More “SGLang CVE-2026-5760 (CVSS 9.8) Enables RCE via Malicious GGUF Model Files  – The Hacker News” »

Remove unwanted objects from video effortlessly with AI in 2026. Learn step-by-step methods, best tools, and pro tips to clean up your footage like a professional.  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI and More 

Over 130,000 users are at risk from fake TikTok downloader extensions on Chrome and Microsoft Edge. Researchers discovered these malicious tools use device fingerprinting to spy on users and steal sensitive browser data.  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI and More 

Monday’s recap shows the same pattern in different places. A third-party tool becomes a way in, then leads to internal access. A trusted download path is briefly swapped to deliver malware. Browser extensions act normally while pulling data and running code. Even update channels are used to push payloads. It’s not breaking systems—it’s bending trust. … Read More “⚡ Weekly Recap: Vercel Hack, Push Fraud, QEMU Abused, New Android RATs Emerge & More  – The Hacker News” »

Tyler Robert Buchanan, a 24-year-old British hacker linked to Scattered Spider, admits to a multi-year US hacking scheme involving at least $8M in crypto theft.  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI and More