AttackFeed by Joe Wagner

‘This is a blatant and disturbing disregard for the law and for people’s security,’ digital rights advocate says Get our breaking news email, free app or daily news podcast Australian platforms used by real estate agents to upload documentation for renters and landlords are leaving people’s personal information exposed in hyperlinks accessible online. An analysis … Read More “Real estate agents in Australia using apps that leave millions of lease documents at risk, digital researcher says  – Data and computer security | The Guardian” »

US authorities take control of over $400 million in crypto, cash, and property tied to Helix, a major darknet bitcoin mixing service used by drug markets.  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI, and More 

We usually think of computer viruses as silent, invisible programs running in the background, but a worrying discovery shows that modern hackers are getting much more personal.  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI, and More 

“Juice jacking” may be a new term for some, but it has been around as a method of cyber attack for a long time. The former problem was that it was expensive to install, but now that has all changed. The tools required for juice jacking have become cheaper and easier and it’s now a … Read More “Juice Jacking Continues to Be a Cyber Problem in South Africa  – Da Vinci Cybersecurity: Leading Cyber Security Services in South Africa.” »

A Farsi-speaking threat actor aligned with Iranian state interests is suspected to be behind a new campaign targeting non-governmental organizations and individuals involved in documenting recent human rights abuses. The activity, observed by HarfangLab in January 2026, has been codenamed RedKitten. It’s said to coincide with the nationwide unrest in Iran that began towards the … Read More “Iran-Linked RedKitten Cyber Campaign Targets Human Rights NGOs and Activists  – The Hacker News” »

The FBI has seized control of RAMP, a notorious cybercrime online forum that bragged to be the only place that allowed ransomware, and boasted over 14,000 active users. Now some of those users’ details are likely to be in the hands of the police… Read more in my article on the Bitdefender blog.  – Read … Read More “FBI takes notorious RAMP ransomware forum offline  – GRAHAM CLULEY” »

A 38 year old was convicted on seven counts of economic espionage and seven counts of theft of trade secrets following an 11 day trial.  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI, and More 

Google-owned Mandiant on Friday said it identified an “expansion in threat activity” that uses tradecraft consistent with extortion-themed attacks orchestrated by a financially motivated hacking group known as ShinyHunters. The attacks leverage advanced voice phishing (aka vishing) and bogus credential harvesting sites mimicking targeted companies to gain unauthorized access to victim  – Read More  – … Read More “Mandiant Finds ShinyHunters-Style Vishing Attacks Stealing MFA to Breach SaaS Platforms  – The Hacker News” »

CERT Polska, the Polish computer emergency response team, revealed that coordinated cyber attacks targeted more than 30 wind and photovoltaic farms, a private company from the manufacturing sector, and a large combined heat and power plant (CHP) supplying heat to almost half a million customers in the country. The incident took place on December 29, … Read More “CERT Polska Details Coordinated Cyber Attacks on 30+ Wind and Solar Farms  – The Hacker News” »

A trio of domains that allegedly distributed pirated content, including movies, TV shows, video games and other content was seized by the U.S. government as part of a globally coordinated crackdown on copyright infringement, the Justice Department said Friday. The sites — zamunda.net, arenabg.com and zelka.org — were among the most popular domains in Bulgaria … Read More “DOJ seizes piracy sites, Italian police dismantle illegal IPTV operation  – CyberScoop” »

Another day, another Android malware campaign targeting unsuspecting users worldwide by masquerading as popular apps.  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI, and More 

Millions of devices used as proxies by cybercriminals, espionage groups and data thieves have been removed from circulation following Google’s disruption of IPIDEA, a China-based residential proxy network. The reduction in available proxy devices came after Google’s Threat Intelligence Group used legal action and intelligence sharing to target the company’s domain infrastructure, Google said in … Read More “Google’s disruption rips millions out of devices out of malicious network  – CyberScoop” »

Cybersecurity researchers have discovered malicious Google Chrome extensions that come with capabilities to hijack affiliate links, steal data, and collect OpenAI ChatGPT authentication tokens. One of the extensions in question is Amazon Ads Blocker (ID: pnpchphmplpdimbllknjoiopmfphellj), which claims to be a tool to browse Amazon without any sponsored content. It was uploaded to the Chrome  … Read More “Researchers Uncover Chrome Extensions Abusing Affiliate Links and Stealing ChatGPT Access  – The Hacker News” »

Cybersecurity researchers have discovered a new campaign attributed to a China-linked threat actor known as UAT-8099 that took place between late 2025 and early 2026. The activity, discovered by Cisco Talos, has targeted vulnerable Internet Information Services (IIS) servers located across Asia, but with a specific focus on targets in Thailand and Vietnam. The scale … Read More “China-Linked UAT-8099 Targets IIS Servers in Asia with BadIIS SEO Malware  – The Hacker News” »

Behind the scenes of law enforcement in cyber: what do we know about caught cybercriminals? What brought them in, where do they come from and what was their function in the crimescape? Introduction: One view on the scattered fight against cybercrime The growing sophistication and diversification of cybercrime have compelled law enforcement agencies worldwide to … Read More “Badges, Bytes and Blackmail  – The Hacker News” »

Much of the public conversation about the U.S. “winning” the AI race with China centers exclusively on each nations’ ability to develop and implement leading AI models. But amid escalating cyber threats, the rising reality is that the race will not be won merely by the nation with the most advanced technology, but the one … Read More “Cybersecurity can be America’s secret weapon in the AI race  – CyberScoop” »

SmarterTools has addressed two more security flaws in SmarterMail email software, including one critical security flaw that could result in arbitrary code execution. The vulnerability, tracked as CVE-2026-24423, carries a CVSS score of 9.3 out of 10.0. “SmarterTools SmarterMail versions prior to build 9511 contain an unauthenticated remote code execution vulnerability in the ConnectToHub API  … Read More “SmarterMail Fixes Critical Unauthenticated RCE Flaw with CVSS 9.3 Score  – The Hacker News” »

A former Google engineer accused of stealing thousands of the company’s confidential documents to build a startup in China has been convicted in the U.S., the Department of Justice (DoJ) announced Thursday. Linwei Ding (aka Leon Ding), 38, was convicted by a federal jury on seven counts of economic espionage and seven counts of theft … Read More “Ex-Google Engineer Convicted for Stealing 2,000 AI Trade Secrets for China Startup  – The Hacker News” »

Ivanti has rolled out security updates to address two security flaws impacting Ivanti Endpoint Manager Mobile (EPMM) that have been exploited in zero-day attacks, one of which has been added by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to its Known Exploited Vulnerabilities (KEV) catalog. The critical-severity vulnerabilities are listed below – CVE-2026-1281 (CVSS … Read More “Two Ivanti EPMM Zero-Day RCE Flaws Actively Exploited, Security Updates Released  – The Hacker News” »

The internet domain registration system is a major weakness that malicious hackers can exploit, but is often being overlooked, a senior Secret Service official said Thursday. “It is staggering to me that we live in a world where domain registrars and registrars will do bulk registration of various spellings of a major institution’s brand name … Read More “The ‘staggering’ cybersecurity weakness that isn’t getting enough focus, according to a top Secret Service official  – CyberScoop” »

A new joint investigation by SentinelOne SentinelLABS, and Censys has revealed that the open-source artificial intelligence (AI) deployment has created a vast “unmanaged, publicly accessible layer of AI compute infrastructure” that spans 175,000 unique Ollama hosts across 130 countries. These systems, which span both cloud and residential networks across the world, operate outside the  – … Read More “Researchers Find 175,000 Publicly Exposed Ollama AI Servers Across 130 Countries  – The Hacker News” »

Following a federal raid on Fulton County, Georgia’s Elections Office, lawmakers and state election officials sharply criticized  the Trump administration, accusing the White House of chasing baseless internet conspiracy theories about fraud in the 2020 election. Officials also warned the raid could set a precedent for similar federal actions targeting the 2026 midterm elections. According … Read More “Lawmakers, election officials blast Trump administration after Fulton County raid   – CyberScoop” »

The U.S. government wants the rest of the world to adopt its artificial intelligence cybersecurity standards, a top official with the Office of the National Cyber Director said Thursday. As part of an effort to advance American AI, the administration will be “undertaking diplomacy efforts to promote American AI cybersecurity standards and norms, establishing industry … Read More “US wants to push its view of AI cybersecurity standards to the rest of the world  – CyberScoop” »

Pillar Security Research has discovered Operation Bizarre Bazaar, a massive cyberattack campaign led by a hacker known as Hecker. Between December 2025 and January 2026, over 35,000 sessions were recorded targeting AI systems to steal compute power and resell access via silver.inc.  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI, and More 

Common cloud migration security mistakes explained, from weak access controls to misconfigurations, plus practical steps organisations can take to avoid risk.  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI, and More 

Crypto security firm Sodot launches Exchange API Vault to stop API key theft, securing billions in assets while supporting low latency, high frequency trading.  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI, and More 

Mac users searching for software on Google or other search engines should be extra careful.  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI, and More 

A Chinese national has been sentenced for his role in a massive $36.9 million cryptocurrency scam operated from…  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI, and More 

This week’s updates show how small changes can create real problems. Not loud incidents, but quiet shifts that are easy to miss until they add up. The kind that affects systems people rely on every day. Many of the stories point to the same trend: familiar tools being used in unexpected ways. Security controls are … Read More “ThreatsDay Bulletin: New RCEs, Darknet Busts, Kernel Bugs & 25+ More Stories  – The Hacker News” »

A study by OMICRON has revealed widespread cybersecurity gaps in the operational technology (OT) networks of substations, power plants, and control centers worldwide. Drawing on data from more than 100 installations, the analysis highlights recurring technical, organizational, and functional issues that leave critical energy infrastructure vulnerable to cyber threats. The findings are based on  – … Read More “Survey of 100+ Energy Systems Reveals Critical OT Cybersecurity Gaps  – The Hacker News” »

Beyond the direct impact of cyberattacks, enterprises suffer from a secondary but potentially even more costly risk: operational downtime, any amount of which translates into very real damage. That’s why for CISOs, it’s key to prioritize decisions that reduce dwell time and protect their company from risk.  Three strategic steps you can take this year … Read More “3 Decisions CISOs Need to Make to Prevent Downtime Risk in 2026  – The Hacker News” »

A North Korea-backed threat group operating since 2009 has splintered into three distinct groups with specialized malware and objectives, CrowdStrike said in a report released Thursday. Labeled “Labyrinth Chollima” by the company, the group follows a divergence pattern CrowdStrike observed previously. Labyrinth Chollima has spawned two additional groups: Golden Chollima and Pressure Chollima. The spin-offs, … Read More “Long-running North Korea threat group splits into 3 distinct operations  – CyberScoop” »