ReliaQuest report claims time from initial access to lateral movement has shrunk to just 18 minutes – Read More –
GitHub Mandates 2FA and Short-Lived Tokens to Strengthen npm Supply Chain Security – The Hacker News
GitHub on Monday announced that it will be changing its authentication and publishing options “in the near future” in response to a recent wave of supply chain attacks targeting the npm ecosystem, including the Shai-Hulud attack. This includes steps to address threats posed by token abuse and self-replicating malware by allowing local publishing with required … Read More “GitHub Mandates 2FA and Short-Lived Tokens to Strengthen npm Supply Chain Security – The Hacker News” »
Stellantis confirmed that customers’ personal information was potentially exposed – Read More –
Cybersecurity researchers are calling attention to a search engine optimization (SEO) poisoning campaign likely undertaken by a Chinese-speaking threat actor using a malware called BadIIS in attacks targeting East and Southeast Asia, particularly with a focus on Vietnam. The activity, dubbed Operation Rewrite, is being tracked by Palo Alto Networks Unit 42 under the moniker … Read More “BadIIS Malware Spreads via SEO Poisoning — Redirects Traffic, Plants Web Shells – The Hacker News” »
UK carmaker Jaguar Land Rover has said production will remain shuttered until October 1 – Read More –
In a world where information is the currency, its security has become the foundation of faith, development and creativity…. The post Why Tokenization is the Future of Data Security appeared first on JISA Softech Pvt Ltd. – Read More – JISA Softech Pvt Ltd
The Aadhaar system has always been the hallmark of secure citizen authentication in the realm of the digital identity… The post UIDAI 2025 Guidelines: Ensuring Aadhaar Data Compliance appeared first on JISA Softech Pvt Ltd. – Read More – JISA Softech Pvt Ltd
Posted by Burning River Cyber Con via Fulldisclosure on Sep 22 Burning River CyberCon is seeking submissions for our 2025 conference. We’re looking for presentations on all things infosec, from vulnerability research and exploit development to red teaming and security automation. Key Details: – CFP Link: https://burningrivercybercon.com/call-for-papers – CFP Closes: October 1, 2025 – … Read More “[CFP] Burning River Cyber Con ’25 – Cleveland, OH – Full Disclosure” »
Posted by Andrey Stoykov on Sep 22 # Exploit Title: Current Password not Required When Changing Password – flatpressv1.4.1 # Date: 09/2025 # Exploit Author: Andrey Stoykov # Version: 1.4.1 # Tested on: Debian 12 # Blog: https://msecureltd.blogspot.com/2025/09/friday-fun-pentest-series-42-current.html Current Password not Required When Changing Password: Steps to Reproduce: – Login with admin user and … Read More “Current Password not Required When Changing Password – flatpressv1.4.1 – Full Disclosure” »
Posted by Andrey Stoykov on Sep 22 # Exploit Title: Stored HTML Injection – flatpressv1.4.1 # Date: 09/2025 # Exploit Author: Andrey Stoykov # Version: 1.4.1 # Tested on: Debian 12 # Blog: https://msecureltd.blogspot.com/2025/09/friday-fun-pentest-series-41-stored.html Stored HTML Injection: Steps to Reproduce: – Login with admin user and visit “Main” > “New Entry” > “Write Entry” … Read More “Stored HTML Injection – flatpressv1.4.1 – Full Disclosure” »
libelf 0.8.12 Stack-based buffer overflow in gmo2msg (libelf) via unbounded sprintf of lang argument – Full Disclosure
Posted by Ron E on Sep 22 gmo2msg in libelf contains a stack-based buffer overflow in po/gmo2msg.c when constructing filenames from the first program argument (lang). The program uses a fixed-size local buffer (char buf[1024]) and writes into it using sprintf(buf, “%s.gmo”, lang) and sprintf(buf, “%s.msg”, lang) without validating the length of lang. Supplying … Read More “libelf 0.8.12 Stack-based buffer overflow in gmo2msg (libelf) via unbounded sprintf of lang argument – Full Disclosure” »
Defense in depth — the Microsoft way (part 93): SRP/SAFER whitelisting goes black on Windows 11 – Full Disclosure
Posted by Stefan Kanthak via Fulldisclosure on Sep 22 Hi @ll, more than 2.5 years ago I posted “Defense in depth — the Microsoft way (part 82): INVALID/BOGUS AppLocker rules disable SAFER on Windows 11 22H2″ <https://seclists.org/fulldisclosure/2023/Feb/13> In “SRP on Windows 11” <https://seclists.org/fulldisclosure/2023/Mar/1> Andy Ful presented a persistent correction some days later. Since several … Read More “Defense in depth — the Microsoft way (part 93): SRP/SAFER whitelisting goes black on Windows 11 – Full Disclosure” »
Posted by Stefan Kanthak via Fulldisclosure on Sep 22 Hi @ll, since several years Microsoft installs the DLLs domain_actions.dll and well_known_domains.dll as part of their Edge browser as well as Windows’ WebView component into each and every user profile, UNPROTECTED against tampering. On Windows 11 24H2 their paths are currently “%LOCALAPPDATA%\Microsoft\Edge\User Data\Domain Actions\3.0.0.16\domain_actions.dll” “%LOCALAPPDATA%\Microsoft\Edge\User … Read More “Defense in depth — the Microsoft way (part 94): BACKDOOR planted in AppLocker – Full Disclosure” »
Jeep and Dodge Parent Company Stellantis Confirms Customer Data Breach – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Stellantis, parent of Jeep, Chrysler, Dodge and FIAT, confirms data breach through third-party vendor. Contact info exposed, financial data not affected. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Hackers are increasingly adopting the techniques of the Chinese group that successfully infiltrated major telecommunications providers in attacks that made headlines last year by looking for unconventional weak spots, an AT&T executive said Monday. AT&T was one of the major providers to fall victim to the sweeping campaign from the group, known as Salt Typhoon, … Read More “Telecom exec: Salt Typhoon inspiring other hackers to use unconventional techniques – CyberScoop” »
A teenage boy suspected of participating in cyberattacks on multiple Las Vegas casinos in late 2023 was arrested last week. The Las Vegas Metropolitan Police Department said the minor turned himself in Wednesday at the Clark County Juvenile Detention Center, where he was booked on multiple charges. The suspect, who is unnamed because he’s a … Read More “Las Vegas police arrest minor accused of high-profile 2023 casino attacks – CyberScoop” »
Fake Ukrainian Police Emails Spread New CountLoader Malware Loader – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
A new malware loader, CountLoader, has been discovered by cybersecurity firm Silent Push. This threat is linked to prominent Russian ransomware gangs, including LockBit, BlackBasta, and Qilin, and is being used as an initial access broker. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Bitcoin continues to increase its institutional popularity – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Not long ago, the mere idea that cryptocurrencies could ever be integrated into mainstream finance would have seemed… – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Organizations in Belarus, Kazakhstan, and Russia have emerged as the target of a phishing campaign undertaken by a previously undocumented hacking group called ComicForm since at least April 2025. The activity primarily targeted industrial, financial, tourism, biotechnology, research, and trade sectors, cybersecurity company F6 said in an analysis published last week. The attack chain involves … Read More “ComicForm and SectorJ149 Hackers Deploy Formbook Malware in Eurasian Cyberattacks – The Hacker News” »
Experts at a Gartner event highlighted areas of focus in identity, processes and third-party risk management to tackle the novel tactics employed by Scattered Spider – Read More –
MITRE said it understands why Microsoft, SentinelOne and Palo Alto pulled out of its 2025 ATT&CK Evaluations test – and promises to do better next year – Read More –
The security landscape now moves at a pace no patch cycle can match. Attackers aren’t waiting for quarterly updates or monthly fixes—they adapt within hours, blending fresh techniques with old, forgotten flaws to create new openings. A vulnerability closed yesterday can become the blueprint for tomorrow’s breach. This week’s recap explores the trends driving that … Read More “⚡ Weekly Recap: Chrome 0-Day, AI Hacking Tools, DDR5 Bit-Flips, npm Worm & More – The Hacker News” »
ShadowLeak Exploit Exposed Gmail Data Through ChatGPT Agent – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Radware researchers revealed a service-side flaw in OpenAI’s ChatGPT. The ShadowLeak attack had used indirect prompt injection to bypass defences and leak sensitive data, but the issue has since been fixed. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
AI Forensics Help Europol Track 51 Children in Global Online Abuse Case – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Europol and 18 countries used AI forensics to identify 51 child victims and 60 suspects in a global online abuse investigation. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
We hear this a lot: “We’ve got hundreds of service accounts and AI agents running in the background. We didn’t create most of them. We don’t know who owns them. How are we supposed to secure them?” Every enterprise today runs on more than users. Behind the scenes, thousands of non-human identities, from service accounts … Read More “How to Gain Control of AI Agents and Non-Human Identities – The Hacker News” »
Cyber threat information law hurtles toward expiration, with poor prospects for renewal – CyberScoop
Pessimism is mounting about the chances that Congress will reauthorize a cyber threat information-sharing law before it’s set to expire at the end of this month — with no clear path for either a temporary or long-term extension. Industry groups and the Trump administration have put a lot of muscle into renewing the 2015 Cybersecurity … Read More “Cyber threat information law hurtles toward expiration, with poor prospects for renewal – CyberScoop” »
The FBI has warned that adversaries have published fake versions of its cybercrime reporting portal IC3 – Read More –
Why federal IT leaders must act now to deliver NIST’s post-quantum cryptography transition – CyberScoop
In August 2024, the National Institute of Standards and Technology published its first set of post-quantum cryptography (PQC) standards, the culmination of over seven years of cryptographic scrutiny, review and competition. As the standards were announced, the implications for cybersecurity leaders were clear: The U.S. government must re-secure its entire digital infrastructure — from battlefield … Read More “Why federal IT leaders must act now to deliver NIST’s post-quantum cryptography transition – CyberScoop” »
Heathrow, Brussels, Dublin and Berlin airports are among those disrupted by a cyber-attack on Collins Aerospace – Read More –
MI6 Opens Dark Web Portal “Silent Courier” for Russians to Share Secrets – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
The UK’s spy agency, MI6, has launched a new dark web portal called Silent Courier to securely recruit agents worldwide, particularly from Russia. Learn how this shift to the dark web marks a new era in modern espionage and national security. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Global Finance The field of Artificial Intelligence (AI) is transforming the world of finance and informing credit underwriting, fraud… The post Why ethics must drive AI adoption in finance appeared first on JISA Softech Pvt Ltd. – Read More – JISA Softech Pvt Ltd
Microsoft Patches Critical Entra ID Flaw Enabling Global Admin Impersonation Across Tenants – The Hacker News
A critical token validation failure in Microsoft Entra ID (previously Azure Active Directory) could have allowed attackers to impersonate any user, including Global Administrators, across any tenant. The vulnerability, tracked as CVE-2025-55241, has been assigned the maximum CVSS score of 10.0. It has been described by Microsoft as a privilege escalation flaw in Azure Entra. … Read More “Microsoft Patches Critical Entra ID Flaw Enabling Global Admin Impersonation Across Tenants – The Hacker News” »
Threat actors with ties to the Democratic People’s Republic of Korea (aka DPRK or North Korea) have been observed leveraging ClickFix-style lures to deliver a known malware called BeaverTail and InvisibleFerret. “The threat actor used ClickFix lures to target marketing and trader roles in cryptocurrency and retail sector organizations rather than targeting software development roles,” … Read More “DPRK Hackers Use ClickFix to Deliver BeaverTail Malware in Crypto Job Scams – The Hacker News” »
Cyberattack Disrupts Airport Check-In Systems Across Europe – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Cyberattack on Collins Aerospace check-in system disrupts major European airports, causing flight delays and cancellations across hubs. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
LastPass is warning of an ongoing, widespread information stealer campaign targeting Apple macOS users through fake GitHub repositories that distribute malware-laced programs masquerading as legitimate tools. “In the case of LastPass, the fraudulent repositories redirected potential victims to a repository that downloads the Atomic infostealer malware,” researchers Alex Cox, Mike Kosak, and … Read More “LastPass Warns of Fake Repositories Infecting macOS with Atomic Infostealer – The Hacker News” »
Researchers Uncover GPT-4-Powered MalTerminal Malware Creating Ransomware, Reverse Shell – The Hacker News
Cybersecurity researchers have discovered what they say is the earliest example known to date of a malware that bakes in Large Language Model (LLM) capabilities. The malware has been codenamed MalTerminal by SentinelOne SentinelLABS research team. The findings were presented at the LABScon 2025 security conference. In a report examining the malicious use of … Read More “Researchers Uncover GPT-4-Powered MalTerminal Malware Creating Ransomware, Reverse Shell – The Hacker News” »
ShadowLeak Zero-Click Flaw Leaks Gmail Data via OpenAI ChatGPT Deep Research Agent – The Hacker News
Cybersecurity researchers have disclosed a zero-click flaw in OpenAI ChatGPT’s Deep Research agent that could allow an attacker to leak sensitive Gmail inbox data with a single crafted email without any user action. The new class of attack has been codenamed ShadowLeak by Radware. Following responsible disclosure on June 18, 2025, the issue was addressed … Read More “ShadowLeak Zero-Click Flaw Leaks Gmail Data via OpenAI ChatGPT Deep Research Agent – The Hacker News” »
A vulnerability has been discovered in WatchGuard Fireware OS, which could allow for arbitrary code execution. Fireware OS is the software that runs on WatchGuard Firebox firewalls. Fireware includes a Web UI that includes a way to manage and monitor each Firebox in your network. Successful exploitation of this vulnerability may allow a remote unauthenticated … Read More “A Vulnerability in WatchGuard Fireware OS Could Allow for Arbitrary Code Execution – Cyber Security Advisories – MS-ISAC” »
A vulnerability has been discovered in GoAnywhere Managed File Transfer (MFT) which could allow for Command Injection. GoAnywhere Managed File Transfer (MFT) is an enterprise-level software solution for securely automating, managing, and tracking all organizational file transfers, whether server-to-server or person-to-person. Successful exploitation of this vulnerability could allow an actor with a validly forged license … Read More “A Vulnerability in GoAnywhere Managed File Transfer (MFT) Could Allow for Command Injection – Cyber Security Advisories – MS-ISAC” »
Researchers raise alarm over maximum-severity defect in GoAnywhere file-transfer service – CyberScoop
Researchers warned that a maximum-severity vulnerability affecting GoAnywhere MFT bears striking similarities with a widely exploited defect in the same file-transfer service two years ago. Fortra, the cybersecurity vendor behind the product, disclosed and released a patch for the vulnerability — CVE-2025-10035 — Thursday. The deserialization vulnerability “allows an actor with a validly forged license … Read More “Researchers raise alarm over maximum-severity defect in GoAnywhere file-transfer service – CyberScoop” »
Chinese Network Selling Thousands of Fake US and Canadian IDs – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
New investigation exposes a China-based ring that sold over 6,500 fake United States and Canadian IDs using well-planned covert packaging. Learn how this operation threatens national security and enables financial crime. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
UNC1549 Hacks 34 Devices in 11 Telecom Firms via LinkedIn Job Lures and MINIBIKE Malware – The Hacker News
An Iran-nexus cyber espionage group known as UNC1549 has been attributed to a new campaign targeting European telecommunications companies, successfully infiltrating 34 devices across 11 organizations as part of a recruitment-themed activity on LinkedIn. Swiss cybersecurity company PRODAFT is tracking the cluster under the name Subtle Snail. It’s assessed to be affiliated with Iran’s Islamic … Read More “UNC1549 Hacks 34 Devices in 11 Telecom Firms via LinkedIn Job Lures and MINIBIKE Malware – The Hacker News” »
The Trump administration is signaling to industry and allies that it is considering a broader set of actions related to quantum computing, both to improve the nation’s capacity to defend against future quantum-enabled hacks and ensure the United States promotes and maintains global dominance around a key national security technology. The discussions include potentially taking … Read More “Trump administration planning expansion of U.S. quantum strategy – CyberScoop” »
BreachLock Named Sample Vendor for PTaaS and AEV in Two New 2025 Gartner® Reports – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
New York, New York, 19th September 2025, CyberNewsWire – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Fortra has disclosed details of a critical security flaw in GoAnywhere Managed File Transfer (MFT) software that could result in the execution of arbitrary commands. The vulnerability, tracked as CVE-2025-10035, carries a CVSS score of 10.0, indicating maximum severity. “A deserialization vulnerability in the License Servlet of Fortra’s GoAnywhere MFT allows an actor with a … Read More “Fortra Releases Critical Patch for CVSS 10.0 GoAnywhere MFT Vulnerability – The Hacker News” »
A proxy network known as REM Proxy is powered by malware known as SystemBC, offering about 80% of the botnet to its users, according to new findings from the Black Lotus Labs team at Lumen Technologies. “REM Proxy is a sizeable network, which also markets a pool of 20,000 Mikrotik routers and a variety of … Read More “SystemBC Powers REM Proxy With 1,500 Daily VPS Victims Across 80 C2 Servers – The Hacker News” »
17,500 Phishing Domains Target 316 Brands Across 74 Countries in Global PhaaS Surge – The Hacker News
The phishing-as-a-service (PhaaS) offering known as Lighthouse and Lucid has been linked to more than 17,500 phishing domains targeting 316 brands from 74 countries. “Phishing-as-a-Service (PhaaS) deployments have risen significantly recently,” Netcraft said in a new report. “The PhaaS operators charge a monthly fee for phishing software with pre-installed templates impersonating, in some cases, – … Read More “17,500 Phishing Domains Target 316 Brands Across 74 Countries in Global PhaaS Surge – The Hacker News” »
ESET found that the FSB-affiliated groups, Gamaredon and Turla, are sharing tools to help conduct espionage attacks against Ukrainian organizations – Read More –





