AttackFeed by Joe Wagner

Cybersecurity researchers have disclosed a critical flaw impacting Salesforce Agentforce, a platform for building artificial intelligence (AI) agents, that could allow attackers to potentially exfiltrate sensitive data from its customer relationship management (CRM) tool by means of an indirect prompt injection. The vulnerability has been codenamed ForcedLeak (CVSS score: 9.4) by Noma Security,  – Read … Read More “Salesforce Patches Critical ForcedLeak Bug Exposing CRM Data via AI Prompt Injection  – The Hacker News” »

Artificial intelligence is no longer a future concept; it is being integrated into critical infrastructure, enterprise operations and security missions around the world. As we embrace AI’s potential and accelerate its innovation, we must also confront a new reality: the speed of cybersecurity conflict now exceeds human capacity. The timescale for effective threat response has … Read More “Contain or be contained: The security imperative of controlling autonomous AI  – CyberScoop” »

The North Korea-linked threat actors associated with the Contagious Interview campaign have been attributed to a previously undocumented backdoor called AkdoorTea, along with tools like TsunamiKit and Tropidoor. Slovak cybersecurity firm ESET, which is tracking the activity under the name DeceptiveDevelopment, said the campaign targets software developers across all operating systems, Windows,  – Read More  … Read More “North Korean Hackers Use New AkdoorTea Backdoor to Target Global Crypto Developers  – The Hacker News” »

/* ===== Container ===== */ .td-wrap /* ===== Section ===== */ .td-section .td-title margin: 16px 0 4px; font-size: 32px; line-height: 1.2; font-weight: 800; .td-subtitle margin: 0 0 24px; color: #64748b; font-size: 16px; /* ===== Timeline ===== */ .td-timeline position: relative; margin: 0 !important;padding: 0!important; list-style: none; /* spine */ .td-timeline:before   – Read More  – … Read More “Threatsday Bulletin: Rootkit Patch, Federal Breach, OnePlus SMS Leak, TikTok Scandal & More  – The Hacker News” »

Despite a coordinated investment of time, effort, planning, and resources, even the most up-to-date cybersecurity systems continue to fail. Every day. Why?  It’s not because security teams can’t see enough. Quite the contrary. Every security tool spits out thousands of findings. Patch this. Block that. Investigate this. It’s a tsunami of red dots that not … Read More “CTEM’s Core: Prioritization and Validation  – The Hacker News” »

China-backed UNC5221 targets US legal and tech firms by deploying BRICKSTORM malware on neglected VMware and Linux/BSD appliances, Google’s Mandiant reports.  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

Urgent warning for Fortra GoAnywhere MFT users. A CVSS 10.0 deserialization vulnerability (CVE-2025-10035) in the License Servlet allows command injection. Patch to v7.8.4 immediately to prevent system takeover.  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

The latest Gcore Radar report analyzing attack data from Q1–Q2 2025, reveals a 41% year-on-year increase in total attack volume. The largest attack peaked at 2.2 Tbps, surpassing the 2 Tbps record in late 2024. Attacks are growing not only in scale but in sophistication, with longer durations, multi-layered strategies, and a shift in target … Read More “Tech Overtakes Gaming as Top DDoS Attack Target, New Gcore Radar Report Finds  – The Hacker News” »

Cybersecurity researchers have discovered two malicious Rust crates impersonating a legitimate library called fast_log to steal Solana and Ethereum wallet keys from source code. The crates, named faster_log and async_println, were published by the threat actor under the alias rustguruman and dumbnbased on May 25, 2025, amassing 8,424 downloads in total, according to software supply … Read More “Malicious Rust Crates Steal Solana and Ethereum Keys — 8,424 Downloads Confirmed  – The Hacker News” »

Luxembourg, Luxembourg, 25th September 2025, CyberNewsWire  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

Cisco has warned of a high-severity security flaw in IOS Software and IOS XE Software that could allow a remote attacker to execute arbitrary code or trigger a denial-of-service (DoS) condition under specific circumstances. The company said the vulnerability, CVE-2025-20352 (CVSS score: 7.7), has been exploited in the wild, adding it became aware of it … Read More “Cisco Warns of Actively Exploited SNMP Vulnerability Allowing RCE or DoS in IOS Software  – The Hacker News” »

Ransomware doesn’t just freeze computers – it can silence alarms too. And when the Natural History Museum in Paris went dark, thieves helped themselves to €600,000 worth of gold in a daring late-night heist. Meanwhile, developers have a new headache: a worm dubbed “Shai Hulud” has wriggled its way through more than 180 npm packages, … Read More “Smashing Security podcast #436: The €600,000 gold heist, powered by ransomware  – Graham Cluley” »

The Python Software Foundation (PSF) warns developers of phishing emails leading to a fake PyPI login site designed to steal account credentials.  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

A suspected cyber espionage activity cluster that was previously found targeting global government and private sector organizations spanning Africa, Asia, North America, South America, and Oceania has been assessed to be a Chinese state-sponsored threat actor. Recorded Future, which was tracking the activity under the moniker TAG-100, has now graduated it to a hacking group … Read More “Chinese Hackers RedNovember Target Global Governments Using Pantegana and Cobalt Strike  – The Hacker News” »

While investigating the security posture of various machine learning (ML) and artificial intelligence (AI) frameworks, the Trend Micro Zero Day Initiative (ZDI) Threat Hunting Team discovered a critical vulnerability in the NVIDIA Merlin Transformers4Rec library that could allow an attacker to achieve remote code execution with root privileges. This vulnerability, tracked as CVE-2025-23298, stems from … Read More “CVE-2025-23298: Getting Remote Code Execution in NVIDIA Merlin  – Zero Day Initiative – Blog” »

Companies in the legal services, software-as-a-service (SaaS) providers, Business Process Outsourcers (BPOs), and technology sectors in the U.S. have been targeted by a suspected China-nexus cyber espionage group to deliver a known backdoor referred to as BRICKSTORM. The activity, attributed to UNC5221 and closely related, suspected China-nexus threat clusters, is designed to facilitate  – Read … Read More “UNC5221 Uses BRICKSTORM Backdoor to Infiltrate U.S. Legal and Technology Sectors  – The Hacker News” »

The 19-year-old U.K. national who was arrested at his London residence last week was a highly prolific cybercriminal and a core member of the nebulous hacker subset of The Com, researchers told CyberScoop. Authorities’ yearslong quest to uncover the identities of Scattered Spider associates and charge them with serious crimes reached a tipping point with … Read More “Teen arrested in UK was a core figure in Scattered Spider’s operations  – CyberScoop” »

Darktrace researchers have uncovered ShadowV2, a new botnet that operates as a DDoS-for-hire service by infecting misconfigured Docker containers on AWS cloud servers.  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

Cybersecurity researchers have disclosed two security flaws in Wondershare RepairIt that exposed private user data and potentially exposed the system to artificial intelligence (AI) model tampering and supply chain risks. The critical-rated vulnerabilities in question, discovered by Trend Micro, are listed below – CVE-2025-10643 (CVSS score: 9.1) – An authentication bypass vulnerability that  – Read … Read More “Two Critical Flaws Uncovered in Wondershare RepairIt Exposing User Data and AI Models  – The Hacker News” »

Ambitious, suspected Chinese hackers with a slew of goals — stealing intellectual property, mining intelligence on national security and trade, developing avenues for future advanced cyberattacks — have been setting up shop inside U.S. target networks for exceptionally long stretches of time, in a breach that the researchers who uncovered it said could present problems … Read More “Brickstorm malware powering ‘next-level’ Chinese cyberespionage campaign  – CyberScoop” »

Cloudflare stopped a record 22.2 Tbps DDoS attack, showing how massive these threats have become and why strong DDoS attack protection is essential.  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

UK police arrest man over cyberattack on Collins Aerospace that disrupted check-in at Heathrow, Berlin, Brussels and other airports.  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

Think payment iframes are secure by design? Think again. Sophisticated attackers have quietly evolved malicious overlay techniques to exploit checkout pages and steal credit card data by bypassing the very security policies designed to stop them. Download the complete iframe security guide here.  TL;DR: iframe Security Exposed Payment iframes are being actively exploited by attackers … Read More “iframe Security Exposed: The Blind Spot Fueling Payment Skimmer Attacks  – The Hacker News” »

Cybersecurity researchers have disclosed details of a new malware family dubbed YiBackdoor that has been found to share “significant” source code overlaps with IcedID and Latrodectus. “The exact connection to YiBackdoor is not yet clear, but it may be used in conjunction with Latrodectus and IcedID during attacks,” Zscaler ThreatLabz said in a Tuesday report. … Read More “New YiBackdoor Malware Shares Major Code Overlaps with IcedID and Latrodectus  – The Hacker News” »

U.S. prosecutors last week levied criminal hacking charges against 19-year-old U.K. national Thalha Jubair for allegedly being a core member of Scattered Spider, a prolific cybercrime group blamed for extorting at least $115 million in ransom payments from victims. The charges came as Jubair and an alleged co-conspirator appeared in a London court to face … Read More “Feds Tie ‘Scattered Spider’ Duo to $115M in Ransoms  – Krebs on Security” »

Most businesses don’t make it past their fifth birthday – studies show that roughly 50% of small businesses fail within the first five years. So when KNP Logistics Group (formerly Knights of Old) celebrated more than a century and a half of operations, it had mastered the art of survival. For 158 years, KNP adapted and endured, … Read More “How One Bad Password Ended a 158-Year-Old Business  – The Hacker News” »

Think payment iframes are secure by design? Think again. Sophisticated attackers have quietly evolved malicious overlay techniques to exploit checkout pages and steal credit card data by bypassing the very security policies designed to stop them. Download the complete iframe security guide here.  TL;DR: iframe Security Exposed Payment iframes are being actively exploited by attackers … Read More “iframe Security Exposed: The Blind Spot Fueling Payment Skimmer Attacks  – The Hacker News” »

The FBI is warning internet users about fake versions of its official IC3 cybercrime reporting website. Learn how to spot these ‘spoofed’ sites, avoid scams where criminals impersonate agents, and protect your personal information by following the FBI’s crucial safety tips.  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

Cloud security company Wiz has revealed that it uncovered in-the-wild exploitation of a security flaw in a Linux utility called Pandoc as part of attacks designed to infiltrate Amazon Web Services (AWS) Instance Metadata Service (IMDS). The vulnerability in question is CVE-2025-51591 (CVSS score: 6.5), which refers to a case of Server-Side Request Forgery (SSRF) … Read More “Hackers Exploit Pandoc CVE-2025-51591 to Target AWS IMDS and Steal EC2 IAM Credentials  – The Hacker News” »

Libraesva has released a security update to address a vulnerability in its Email Security Gateway (ESG) solution that it said has been exploited by state-sponsored threat actors. The vulnerability, tracked as CVE-2025-59689, carries a CVSS score of 6.1, indicating medium severity. “Libraesva ESG is affected by a command injection flaw that can be triggered by … Read More “State-Sponsored Hackers Exploiting Libraesva Email Security Gateway Vulnerability  – The Hacker News” »

Microsoft patched an Entra ID vulnerability that let attackers impersonate Global Admins across tenants, risking full Microsoft 365 and Azure takeover.  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

Researchers say a Russian group sanctioned by the European Union and wanted by the U.S. government is behind an influence operation targeting upcoming elections in Moldova. In a report released Tuesday, researchers at the Atlantic Council’s Digital Forensic Research Lab said that REST Media — an online news outlet launched in June whose posts have … Read More “Researchers say media outlet targeting Moldova is a Russian cutout  – CyberScoop” »

Cybersecurity researchers have disclosed details of two security vulnerabilities impacting Supermicro Baseboard Management Controller (BMC) firmware that could potentially allow attackers to bypass crucial verification steps and update the system with a specially crafted image. The medium-severity vulnerabilities, both of which stem from improper verification of a cryptographic signature, are  – Read More  – The … Read More “Two New Supermicro BMC Bugs Allow Malicious Firmware to Evade Root of Trust Security  – The Hacker News” »

Terminating their employment is the easy part. The rest is complicated. When enterprises discover they have inadvertently hired North Korean information technology workers, they face a cascade of urgent decisions involving sanctions law, cybersecurity protocols, and law enforcement cooperation that can expose them to significant legal and financial risks. Incident response experts and cybersecurity lawyers … Read More “What to do if your company discovers a North Korean worker in its ranks  – CyberScoop” »

Law enforcement authorities in Europe have arrested five suspects in connection with an “elaborate” online investment fraud scheme that stole more than €100 million ($118 million) from over 100 victims in France, Germany, Italy, and Spain. According to Eurojust, the coordinated action saw searches in five places across Spain and Portugal, as well as in … Read More “Eurojust Arrests 5 in €100M Cryptocurrency Investment Fraud Spanning 23 Countries  – The Hacker News” »