SuperCard X Enables Contactless ATM Fraud in Real-Time
A new malware campaign utilizing NFC-relay techniques has been identified carrying out unauthorized transactions through POS systems and ATMs – Read More –
Billbug, a China-linked espionage group, has been observed targeting critical sectors in Southeast Asia with new tools – Read More –
IBM X-Force observed an identical breakdown of the top methods cybercriminals used to intrude networks for two years running, the company said in its annual Threat Intelligence Index. The top initial access vectors, valid account credentials and exploitation of public-facing applications, each accounted for 30% of IBM X-Force incident response cases last year. By focusing on identity-based attacks, cybercriminals are...
Terrance, United States / California, 22nd April 2025, CyberNewsWire – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Cybersecurity researchers have detailed a now-patched vulnerability in Google Cloud Platform (GCP) that could have enabled an attacker to elevate their privileges in the Cloud Composer workflow orchestration service that’s based on Apache Airflow. “This vulnerability lets attackers with edit permissions in Cloud Composer to escalate their access to the default Cloud Build service account, which – Read More –...
Darktrace and Cado said the new campaign highlights a shift towards alternative methods of mining cryptocurrencies – Read More –
Regulator prohibits leasing of ‘global titles’ phone numbers by mobile operators after industry efforts to tackle problem were ineffective The UK communications regulator is banning mobile operators from leasing numbers that can be used by criminals to intercept and divert calls and messages, including security codes sent by banks to customers. Ofcom said it would stop the leasing of “global...
Was your Microsoft Entra ID account locked? Find out about the recent widespread lockouts caused by the new… – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Artificial intelligence is transforming industries, but its adoption also raises ethical and cybersecurity concerns, especially in the regulated… – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Threat actors are exploiting bulletproof hosting service Proton66 for malicious activities, including campaigns from SuperBlack ransomware operators, Android… – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
As SaaS and cloud-native work reshape the enterprise, the web browser has emerged as the new endpoint. However, unlike endpoints, browsers remain mostly unmonitored, despite being responsible for more than 70% of modern malware attacks. Keep Aware’s recent State of Browser Security report highlights major concerns security leaders face with employees using the web browser for most of their work. ...
U.S. ports are vital to the flow of imports and exports; however, the entire maritime transportation system’s cybersecurity is exceedingly vulnerable. The August 2024 ransomware attack at the Port of Seattle resulted in significant cargo delays and a data breach of 90,000 individuals. Such a wide-scale incursion could have resulted in a longer loss of communications, further security breaches, and...
Security firm Human lifts the lid on prolific new ad fraud scheme dubbed “scallywag” – Read More –
The UN has warned that Southeast Asian fraud groups are expanding their operations – Read More –
Microsoft on Monday announced that it has moved the Microsoft Account (MSA) signing service to Azure confidential virtual machines (VMs) and that it’s also in the process of migrating the Entra ID signing service as well. The disclosure comes about seven months after the tech giant said it completed updates to Microsoft Entra ID and MS for both public and...
The China-linked cyber espionage group tracked as Lotus Panda has been attributed to a campaign that compromised multiple organizations in an unnamed Southeast Asian country between August 2024 and February 2025. “Targets included a government ministry, an air traffic control organization, a telecoms operator, and a construction company,” the Symantec Threat Hunter Team said in a new report – Read...
A security architect with the National Labor Relations Board (NLRB) alleges that employees from Elon Musk’s Department of Government Efficiency (DOGE) transferred gigabytes of sensitive data from agency case files in early March, using short-lived accounts configured to leave few traces of network activity. The NLRB whistleblower said the unusual large data outflows coincided with multiple blocked login attempts from...
There’s nothing like the freedom of the open road when you’re on a motorcycle. But staying connected while… – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Fake Booking.com emails trick hotel staff into running AsyncRAT malware via fake CAPTCHA, targeting systems with remote access… – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
A federal judge last week placed strict limits on the kind of evidence NSO Group can raise during a trial on damages in the lawsuit WhatsApp brought against the spyware vendor over allegations it hacked 1,400 of the messaging platform’s users. Under the order, NSO Group is prohibited from presenting evidence about its customers’ identities, implying the targeted WhatsApp users...
Cybersecurity researchers have flagged a new malicious campaign related to the North Korean state-sponsored threat actor known as Kimsuky that exploits a now-patched vulnerability impacting Microsoft Remote Desktop Services to gain initial access. The activity has been named Larva-24005 by the AhnLab Security Intelligence Center (ASEC). “In some systems, initial access was gained through – Read More – The Hacker...
Two top officials at the Cybersecurity and Infrastructure Security Agency who worked with the private sector to manufacture secure products and technology are leaving the agency. Bob Lord, senior technical adviser and Lauren Zabierek, senior advisor at CISA, were both chief architects behind CISA’s Secure by Design initiative, which garnered voluntary commitments from major vendors and manufacturers to build cybersecurity...
Morphisec discovers a new malware threat, ResolverRAT, that combines advanced methods for running code directly in computer memory,… – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
A new Android malware-as-a-service (MaaS) platform named SuperCard X can facilitate near-field communication (NFC) relay attacks, enabling cybercriminals to conduct fraudulent cashouts. The active campaign is targeting customers of banking institutions and card issuers in Italy with an aim to compromise payment card data, fraud prevention firm Cleafy said in an analysis. There is evidence to – Read More –...
Dallas, United States, TX, 21st April 2025, CyberNewsWire – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Government-backed hacking groups from North Korea (TA427), Iran (TA450), and Russia (UNK_RemoteRogue, TA422) are now using the ClickFix… – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Can a harmless click really lead to a full-blown cyberattack? Surprisingly, yes — and that’s exactly what we saw in last week’s activity. Hackers are getting better at hiding inside everyday actions: opening a file, running a project, or logging in like normal. No loud alerts. No obvious red flags. Just quiet entry through small gaps — like a misconfigured...
The problem is simple: all breaches start with initial access, and initial access comes down to two primary attack vectors – credentials and devices. This is not news; every report you can find on the threat landscape depicts the same picture. The solution is more complex. For this article, we’ll focus on the device threat vector. The risk they pose...
Cybersecurity researchers have disclosed a surge in “mass scanning, credential brute-forcing, and exploitation attempts” originating from IP addresses associated with a Russian bulletproof hosting service provider named Proton66. The activity, detected since January 8, 2025, targeted organizations worldwide, according to a two-part analysis published by Trustwave SpiderLabs last week. “Net – Read More – The Hacker News
The Russian state-sponsored threat actor known as APT29 has been linked to an advanced phishing campaign that’s targeting diplomatic entities across Europe with a new variant of WINELOADER and a previously unreported malware loader codenamed GRAPELOADER. “While the improved WINELOADER variant is still a modular backdoor used in later stages, GRAPELOADER is a newly observed initial-stage tool – Read More ...
Kaspersky researchers report the reappearance of MysterySnail RAT, a malware linked to Chinese IronHusky APT, targeting Mongolia and… – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Midnight Blizzard (APT29/Cozy Bear) targets European embassies and Ministries of Foreign Affairs with sophisticated phishing emails disguised as… – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Cybersecurity researchers have uncovered three malicious packages in the npm registry that masquerade as a popular Telegram bot library but harbor SSH backdoors and data exfiltration capabilities. The packages in question are listed below: node-telegram-utils (132 downloads), node-telegram-bots-api (82 downloads), node-telegram-util (73 downloads). According to supply chain – Read More – The Hacker News
ASUS has disclosed a critical security flaw impacting routers with AiCloud enabled that could permit remote attackers to perform unauthorized execution of functions on susceptible devices. The vulnerability, tracked as CVE-2025-2492, has a CVSS score of 9.2 out of a maximum of 10.0. “An improper authentication control vulnerability exists in certain ASUS router firmware series,” – Read More – The...
Check out the top OSINT tools of 2025, an updated list featuring the best free and paid open-source… – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Multiple vulnerabilities have been discovered in Apple products, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete...
Multiple vulnerabilities have been discovered in Oracle products, which could allow for remote code execution. – Read More – Cyber Security Advisories – MS-ISAC
Cybersecurity researchers are warning of a “widespread and ongoing” SMS phishing campaign that’s been targeting toll road users in the United States for financial theft since mid-October 2024. “The toll road smishing attacks are being carried out by multiple financially motivated threat actors using the smishing kit developed by ‘Wang Duo Yu,’” Cisco Talos researchers Azim Khodjibaev, Chetan – Read...
A new multi-stage attack has been observed delivering malware families like Agent Tesla variants, Remcos RAT, and XLoader. “Attackers increasingly rely on such complex delivery mechanisms to evade detection, bypass traditional sandboxes, and ensure successful payload delivery and execution,” Palo Alto Networks Unit 42 researcher Saqib Khanzada said in a technical write-up of the campaign. The – Read More –...
Your employees didn’t mean to expose sensitive data. They just wanted to move faster. So they used ChatGPT to summarize a deal. Uploaded a spreadsheet to an AI-enhanced tool. Integrated a chatbot into Salesforce. No big deal—until it is. If this sounds familiar, you’re not alone. Most security teams are already behind in detecting how AI tools are quietly reshaping...
Russian state actor Midnight Blizzard is using fake wine tasting events as a lure to spread malware for espionage purposes, according to Check Point – Read More –
Cybersecurity researchers are warning of continued risks posed by a distributed denial-of-service (DDoS) malware known as XorDDoS, with 71.3 percent of the attacks between November 2023 and February 2025 targeting the United States. “From 2020 to 2023, the XorDDoS trojan has increased significantly in prevalence,” Cisco Talos researcher Joey Chen said in a Thursday analysis. – Read More – The...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a medium-severity security flaw impacting Microsoft Windows to its Known Exploited Vulnerabilities (KEV) catalog, following reports of active exploitation in the wild. The vulnerability, assigned the CVE identifier CVE-2025-24054 (CVSS score: 6.5), is a Windows New Technology LAN Manager (NTLM) hash disclosure – Read More – The Hacker News
Following reports of unauthorized access to a legacy Oracle cloud environment, CISA warns of potential credential compromise leading… – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Security researchers report CVE-2025-32433, a CVSS 10.0 RCE vulnerability in Erlang/OTP SSH, allowing unauthenticated code execution on exposed… – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation: CVE-2025-31200 Apple Multiple Products Memory Corruption Vulnerability; CVE-2025-31201 Apple Multiple Products Arbitrary Read and Write Vulnerability; CVE-2025-24054 Microsoft Windows NTLM Hash Disclosure Spoofing Vulnerability. These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational...
Qrator Labs reports it mitigated a massive record 965 Gbps DDoS attack in April 2025, the largest incident… – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto