Category: Attack Feeds

A bill that would close a loophole in federal cybersecurity standards by requiring government contractors to abide by vulnerability disclosure policies moved one step closer to law Monday after sailing through the House. The passage of the Federal Contractor Cybersecurity Vulnerability Reduction Act in the House came a month after Reps. Nancy Mace, R-S.C., and Shontel Brown, D-Ohio reintroduced their...

Broadcom has released security updates to address three actively exploited security flaws in VMware ESXi, Workstation, and Fusion products that could lead to code execution and information disclosure. The list of vulnerabilities is as follows – CVE-2025-22224 (CVSS score: 9.3) – A Time-of-Check Time-of-Use (TOCTOU) vulnerability that leads to an out-of-bounds write, which a malicious actor with  – Read More ...

A new malware threat called Zhong Stealer has surfaced from China, and it’s already slipping into businesses through…  – Read More  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News 

It’s been a confusing few days in the world of American cybersecurity… Read more in my article on the Hot for Security blog.  – Read More  – Graham Cluley 

Credential stuffing attacks had a huge impact in 2024, fueled by a vicious circle of infostealer infections and data breaches. But things could be about to get worse still with Computer-Using Agents, a new kind of AI agent that enables low-cost, low-effort automation of common web tasks — including those frequently performed by attackers. Stolen credentials: The cyber criminal’s weapon...

Internet service providers (ISPs) in China and the West Coast of the United States have become the target of a mass exploitation campaign that deploys information stealers and cryptocurrency miners on compromised hosts. The findings come from the Splunk Threat Research Team, which said the activity also led to the delivery of various binaries that facilitate data exfiltration as well...

Threat hunters are calling attention to a new highly-targeted phishing campaign that singled out “fewer than five” entities in the United Arab Emirates (U.A.E.) to deliver a previously undocumented Golang backdoor dubbed Sosano. The malicious activity was specifically directed against aviation and satellite communications organizations, according to Proofpoint, which detected it in late October  – Read More  – The Hacker...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added five security flaws impacting software from Cisco, Hitachi Vantara, Microsoft Windows, and Progress WhatsUp Gold to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The list of vulnerabilities is as follows – CVE-2023-20118 (CVSS score: 6.5) – A command injection  – Read More  – The...

Google has released its monthly Android Security Bulletin for March 2025 to address a total of 44 vulnerabilities, including two that it said have come under active exploitation in the wild. The two high-severity vulnerabilities are listed below – CVE-2024-43093 – A privilege escalation flaw in the Framework component that could result in unauthorized access to “Android/data,” “Android/obb,”  – Read...

Cybercriminals pose as IT support, using fake calls and Microsoft Teams messages to trick users into installing ransomware through email floods and remote access.  – Read More  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News 

San Francisco, California, 3rd March 2025, CyberNewsWire  – Read More  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News 

Artificial Intelligence is a tool that is currently changing how businesses approach digital marketing and SEO. Explore how your business can transform with AI-powered SEO services here.  – Read More  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News 

Google addressed 43 vulnerabilities affecting Android devices in its March security update, including a pair of software defects reportedly under active exploitation. Google said the two vulnerabilities — CVE-2024-43093 and CVE-2024-50302 — “may be under limited, targeted exploitation.” The most severe of the flaws under active exploitation, CVE-2024-43093, carries a CVSS score of 7.8 and was added to the Cybersecurity...

Threat actors are targeting Amazon Web Services (AWS) environments to push out phishing campaigns to unsuspecting targets, according to findings from Palo Alto Networks Unit 42. The cybersecurity company is tracking the activity cluster under the name TGR-UNK-0011 (short for a threat group with unknown motivation), which it said overlaps with a group known as JavaGhost. TGR-UNK-0011 is known to ...

Security questionnaires take a lot of time and repetitively answering the same questions manually chews up business time…  – Read More  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News 

The Department of Homeland Security said that its Cybersecurity and Infrastructure Security Agency will continue to pay attention to Russian cyber threats, contrary to media reports suggesting the opposite. The Guardian reported last week that a recent CISA memo setting out priorities for the agency didn’t list Russia among them, while including Chinese threats and critical infrastructure protection. It further...

Firefox’s new Terms of Use spark user backlash over data rights. Learn how Mozilla responded to concerns about…  – Read More  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News 

FortiGuard Labs discovers an advanced attack using modified Havoc Demon and SharePoint. Explore the attack’s evasion techniques and security measures.  – Read More  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News 

The U.K.’s Information Commissioner’s Office (ICO) has opened an investigation into online platforms TikTok, Reddit, and Imgur to assess the steps they are taking to protect children between the ages of 13 and 17 in the country. To that end, the watchdog said it’s probing how the ByteDance-owned video-sharing service uses the personal data of children in the age range...

Threat actors have been exploiting a security vulnerability in Paragon Partition Manager’s BioNTdrv.sys driver in ransomware attacks to escalate privileges and execute arbitrary code. The zero-day flaw (CVE-2025-0289) is part of a set of five vulnerabilities that was discovered by Microsoft, according to the CERT Coordination Center (CERT/CC). “These include arbitrary kernel memory mapping and  – Read More  – The...

Cybersecurity researchers are calling attention to a new phishing campaign that employs the ClickFix technique to deliver an open-source command-and-control (C2) framework called Havoc. “The threat actor hides each malware stage behind a SharePoint site and uses a modified version of Havoc Demon in conjunction with the Microsoft Graph API to obscure C2 communications within trusted, well-known  – Read More ...

The Trump administration has told US cyber command and CISA to stop following or reporting on Russian cyber threats. Yes, Russia! That country everyone used to agree was home to lots of ransomware gangs and hackers. Hmmm… Read more in my article on the Hot for Security blog.  – Read More  – Graham Cluley 

This week, a 23-year-old Serbian activist found themselves at the crossroads of digital danger when a sneaky zero-day exploit turned their Android device into a target. Meanwhile, Microsoft pulled back the curtain on a scheme where cybercriminals used AI tools for harmful pranks, and a massive trove of live secrets was discovered, reminding us that even the tools we rely...

In 2024, global ransomware attacks hit 5,414, an 11% increase from 2023.  After a slow start, attacks spiked in Q2 and surged in Q4, with 1,827 incidents (33% of the year’s total). Law enforcement actions against major groups like LockBit caused fragmentation, leading to more competition and a rise in smaller gangs. The number of active ransomware groups jumped 40%,...

Brazil, South Africa, Indonesia, Argentina, and Thailand have become the targets of a campaign that has infected Android TV devices with a botnet malware dubbed Vo1d. The improved variant of Vo1d has been found to encompass 800,000 daily active IP addresses, with the botnet scaling a peak of 1,590,299 on January 19, 2025, spanning 226 countries. As of February 25,...

QR phishing is on the rise, tricking users into scanning malicious QR codes. Learn how cybercriminals exploit QR codes and how to protect yourself.  – Read More  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News 

Firefox browser maker Mozilla on Friday updated its Terms of Use a second time within a week following criticism overbroad language that appeared to give the company the rights to all information uploaded by users. The revised Terms of Use now states – You give Mozilla the rights necessary to operate Firefox. This includes processing your data as we describe...

SolarWinds’ top cybersecurity executive said chief information security officers are increasingly grappling with how to do their jobs while avoiding individual legal liability for breaches that happen on their watch. Tim Brown, now CISO at SolarWinds, was a vice president and the highest-ranking security official at the company when hackers working on behalf of the Russian Foreign Intelligence Service (SVR)...

Not getting enough views or traffic to your podcasts? Try this stunning AI audio-to-video generator to transform your…  – Read More  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News 

Microsoft exposes Storm-2139, a cybercrime network exploiting Azure AI via LLMjacking. Learn how stolen API keys enabled harmful…  – Read More  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News 

One of the most notorious providers of abuse-friendly “bulletproof” web hosting for cybercriminals has started routing its operations through networks run by the Russian antivirus and security firm Kaspersky Lab, KrebsOnSecurity has learned. Security experts say the Russia-based service provider Prospero OOO (the triple O is the Russian version of “LLC”) has long been a persistent source of malicious software,...

360XSS campaign exploits Krpano XSS to hijack search results & distribute spam ads on 350+ sites, including government,…  – Read More  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News 

A 23-year-old Serbian youth activist had their Android phone targeted by a zero-day exploit developed by Cellebrite to unlock the device, according to a new report from Amnesty International. “The Android phone of one student protester was exploited and unlocked by a sophisticated zero-day exploit chain targeting Android USB drivers, developed by Cellebrite,” the international non-governmental  – Read More  –...

Psychologists may have a plethora of reasons why individuals turn to cyber crime; and their results move beyond disturbing. It comes as no surprise that those involved in the theft of data have now escalated, their schemes to be even darker. These criminals have expanded to include international online groups called ‘the Com” where they […] The post Cyber hacking...

Cybersecurity researchers have uncovered a widespread phishing campaign that uses fake CAPTCHA images shared via PDF documents hosted on Webflow’s content delivery network (CDN) to deliver the Lumma stealer malware. Netskope Threat Labs said it discovered 260 unique domains hosting 5,000 phishing PDF files that redirect victims to malicious websites. “The attacker uses SEO to trick victims into  – Read...

Remote Desktop Protocol (RDP) is an amazing technology developed by Microsoft that lets you access and control another computer over a network. It’s like having your office computer with you wherever you go. For businesses, this means IT staff can manage systems remotely, and employees can work from home or anywhere, making RDP a true game-changer in today’s work environment....

Louis Donald Mendonsa, 62, was sentenced following a guilty plea for distributing child sexual abuse materials (CSAM) via…  – Read More  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News 

Microsoft on Thursday unmasked four of the individuals that it said were behind an Azure Abuse Enterprise scheme that involves leveraging unauthorized access to generative artificial intelligence (GenAI) services in order to produce offensive and harmful content. The campaign, called LLMjacking, has targeted various AI offerings, including Microsoft’s Azure OpenAI Service. The tech giant is  – Read More  – The...

The threat actor known as Sticky Werewolf has been linked to targeted attacks primarily in Russia and Belarus with the aim of delivering the Lumma Stealer malware by means of a previously undocumented implant. Cybersecurity company Kaspersky is tracking the activity under the name Angry Likho, which it said bears a “strong resemblance” to Awaken Likho (aka Core Werewolf, GamaCopy,...

A dataset used to train large language models (LLMs) has been found to contain nearly 12,000 live secrets, which allow for successful authentication. The findings once again highlight how hard-coded credentials pose a severe security risk to users and organizations alike, not to mention compounding the problem when LLMs end up suggesting insecure coding practices to their users. Truffle  –...

A hacker using the alias GHOSTR, linked to 90+ data breaches, was arrested in a joint effort by law enforcement in Thailand, Singapore, and cybersecurity firm Group-IB.  – Read More  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News 

U.S. authorities say a 21-year-old U.S. Army soldier attempted to sell stolen sensitive information to a foreign intelligence service as part of a broader effort to extort victims and leak call records of high-ranking public officials. In November while on active duty, Cameron Wagenius made multiple attempts to extort $500,000 from a major telecommunications company while threatening to leak additional...

Strong eCommerce customer service builds trust, boosts loyalty, and drives sales. Learn key strategies, best practices, and tools to enhance online support.  – Read More  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News 

Google is gradually phasing out SMS-based verification as part of its two-step verification (2SV) process across its suite of services, signaling a significant shift in how the tech giant approaches user authentication and security. The change, which will affect Gmail and all other Google services where users sign in with their Google accounts, marks a move away from the traditional...

Google is gradually phasing out SMS-based verification as part of its two-step verification (2SV) process across its suite of services, signaling a significant shift in how the tech giant approaches user authentication and security. The change, which will affect Gmail and all other Google services where users sign in with their Google accounts, marks a move away from the traditional...

Do you want to have the best communication system at your workplace? Learn how to maximize the benefits…  – Read More  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News 

President Donald Trump’s nominee to lead the consumer-focused federal agency that Elon Musk wants to “delete” and that Republican lawmakers have railed against since its creation indicated to senators Thursday that he could continue some data-focused work started by his Democratic predecessor. In his nomination hearing to lead the Consumer Financial Protection Bureau, Jonathan McKernan told members of the Senate...

Auto-color: New Linux backdoor malware targeting the US and Asia. Learn about its advanced evasion, persistence, and detection…  – Read More  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News 

Microsoft has identified individuals from Iran, China, Vietnam and the United Kingdom as primary players in an alleged international scheme to hijack and sell Microsoft accounts that could bypass safety guidelines for generative AI tools. In December, Microsoft petitioned a Virginia court to seize infrastructure and software from 10 unnamed individuals who the company claims ran a hacking-as-a-service operation that...

FortiGuard Labs discovers Winos 4.0 malware targeting Taiwan via phishing. Learn how this advanced threat steals data and…  – Read More  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News