AttackFeed by Joe Wagner

A Facebook malvertising campaign is spreading the Brokewell spyware to Android users via fake TradingView ads. The malware…  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

A TransUnion data breach exposed 4.4 million US consumers’ Social Security numbers via a Salesforce hack. The attack…  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

An abandoned update server associated with input method editor (IME) software Sogou Zhuyin was leveraged by threat actors as part of an espionage campaign to deliver several malware families, including C6DOOR and GTELAM, in attacks primarily targeting users across Eastern Asia. “Attackers employed sophisticated infection chains, such as hijacked software updates and fake cloud storage … Read More “Abandoned Sogou Zhuyin Update Server Hijacked, Weaponized in Taiwan Espionage Campaign  – The Hacker News” »

Amazon on Friday said it flagged and disrupted what it described as an opportunistic watering hole campaign orchestrated by the Russia-linked APT29 actors as part of their intelligence gathering efforts. The campaign used “compromised websites to redirect visitors to malicious infrastructure designed to trick users into authorizing attacker-controlled devices through Microsoft’s device code  – Read … Read More “Amazon Disrupts APT29 Watering Hole Campaign Abusing Microsoft Device Code Authentication  – The Hacker News” »

China’s reliance on domestic technology companies to carry out large-scale hacking operations—as highlighted by the U.S. government and its allies this week—is a weakness that poses risks for Beijing, a top FBI official told CyberScoop. Cyber agencies from around the world published an alert Wednesday about what officials have described as an indiscriminate cyberespionage campaign … Read More “Top FBI official says Chinese reliance on domestic firms for hacking is a weakness  – CyberScoop” »

Generative AI platforms like ChatGPT, Gemini, Copilot, and Claude are increasingly common in organizations. While these solutions improve efficiency across tasks, they also present new data leak prevention for generative AI challenges. Sensitive information may be shared through chat prompts, files uploaded for AI-driven summarization, or browser plugins that bypass familiar security controls.  – Read … Read More “Can Your Security Stack See ChatGPT? Why Network Visibility Matters  – The Hacker News” »

The Sangoma FreePBX Security Team has issued an advisory warning about an actively exploited FreePBX zero-day vulnerability that impacts systems with an administrator control panel (ACP) exposed to the public internet. FreePBX is an open-source private branch exchange (PBX) platform widely used by businesses, call centers, and service providers to manage voice communications. It’s built … Read More “FreePBX Servers Targeted by Zero-Day Flaw, Emergency Patch Now Available  – The Hacker News” »

Click Studios, the developer of enterprise-focused password management solution Passwordstate, said it has released security updates to address an authentication bypass vulnerability in its software. The issue, which is yet to be assigned a CVE identifier, has been addressed in Passwordstate 9.9 (Build 9972), released August 28, 2025. The Australian company said it fixed a … Read More “Click Studios Patches Passwordstate Authentication Bypass Vulnerability in Emergency Access Page  – The Hacker News” »

Authorities from the Netherlands and the United States have announced the dismantling of an illicit marketplace called VerifTools that peddled fraudulent identity documents to cybercriminals across the world. To that end, two marketplace domains (verif[.]tools and veriftools[.]net) and one blog have been taken down, redirecting site visitors to a splash page stating the action was … Read More “Feds Seize $6.4M VerifTools Fake-ID Marketplace, but Operators Relaunch on New Domain  – The Hacker News” »

The UN Reveals Widespread Trafficking into Online Scam Operations Every day, thousands of lives are torn apart in the shadows of Southeast Asia. A harrowing UN Human Rights Office (OHCHR) report from 29 August 2023 reveals that hundreds of thousands of individuals have been trafficked and forced into online scam operations, often under brutal and … Read More “Southeast Asia’s Hidden Crisis  – Da Vinci Cybersecurity: Leading Cyber Security Services in South Africa.” »

Google has revealed that the recent wave of attacks targeting Salesforce instances via Salesloft Drift is much broader in scope than previously thought, stating it impacts all integrations. “We now advise all Salesloft Drift customers to treat any and all authentication tokens stored in or connected to the Drift platform as potentially compromised,” Google Threat … Read More “Google Warns Salesloft OAuth Breach Extends Beyond Salesforce, Impacting All Integrations  – The Hacker News” »

Cybersecurity researchers have discovered a cybercrime campaign that’s using malvertising tricks to direct victims to fraudulent sites to deliver a new information stealer called TamperedChef. “The objective is to lure victims into downloading and installing a trojanized PDF editor, which includes an information-stealing malware dubbed TamperedChef,” Truesec researchers Mattias Wåhlén, Nicklas  – Read More  – … Read More “TamperedChef Malware Disguised as Fake PDF Editors Steals Credentials and Cookies  – The Hacker News” »

CISA has added three actively exploited vulnerabilities in Citrix and Git to its KEV Catalogue. Federal agencies must…  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

Salesloft Drift customers are compromised in a much more expansive downstream attack spree than previously thought, potentially ensnaring any user that integrated the AI chat agent platform to another service. “We’re telling organizations to treat any Drift integration into any platform as potentially compromised, so that increases the scope of victims,” Mandiant Consulting CTO Charles … Read More “Salesloft Drift compromised en masse, impacting all third-party integrations  – CyberScoop” »

Cybersecurity researchers have discovered a loophole in the Visual Studio Code Marketplace that allows threat actors to reuse names of previously removed extensions. Software supply chain security outfit ReversingLabs said it made the discovery after it identified a malicious extension named “ahbanC.shiba” that functioned similarly to two other extensions – ahban.shiba and ahban.cychelloworld –  – … Read More “Researchers Find VS Code Flaw Allowing Attackers to Republish Deleted Extensions Under Same Names  – The Hacker News” »

Last month, KrebsOnSecurity tracked the sudden emergence of hundreds of polished online gaming and wagering websites that lure people with free credits and eventually abscond with any cryptocurrency funds deposited by players. We’ve since learned that these scam gambling sites have proliferated thanks to a new Russian affiliate program called “Gambler Panel” that bills itself … Read More “Affiliates Flock to ‘Soulless’ Scam Gambling Machine  – Krebs on Security” »

Miami, United States, 28th August 2025, CyberNewsWire  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

A supply chain attack called “s1ngularity” on Nx versions 20.9.0-21.8.0 stole thousands of developer credentials. The attack targeted…  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

Election officials should brace for direct attacks from the Trump administration and its state GOP allies on the integrity of U.S. elections — and plan for the possibility that federal agencies once charged with protecting elections will leverage their authorities to interfere in the process, a voting rights nonprofit warned. In a report released Wednesday, … Read More “Trump administration setting the stage for elections power grab, voting rights group warns  – CyberScoop” »

The China-linked advanced persistent threat (APT) actor known as Salt Typhoon has continued its attacks targeting networks across the world, including organizations in the telecommunications, government, transportation, lodging, and military infrastructure sectors. “While these actors focus on large backbone routers of major telecommunications providers, as well as provider edge (PE) and  – Read More  – … Read More “Salt Typhoon Exploits Cisco, Ivanti, Palo Alto Flaws to Breach 600 Organizations Worldwide  – The Hacker News” »

A coalition of international cybersecurity agencies led by the UK’s National Cyber Security Centre (NCSC) has publicly linked…  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

Picture this: Your team rolls out some new code, thinking everything’s fine. But hidden in there is a tiny flaw that explodes into a huge problem once it hits the cloud. Next thing you know, hackers are in, and your company is dealing with a mess that costs millions. Scary, right? In 2025, the average … Read More “Webinar: Why Top Teams Are Prioritizing Code-to-Cloud Mapping in Our 2025 AppSec  – The Hacker News” »

Email has always been a double-edged sword in the world of business. On one hand, it’s the fastest,…  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

Make sure your Chrome browser is updated to the latest version to stay protected.  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

Every day, businesses, teams, and project managers trust platforms like Trello, Asana, etc., to collaborate and manage tasks. But what happens when that trust is broken? According to a recent report by Statista, the average cost of a data breach worldwide was about $4.88 million. Also, in 2024, the private data of over 15 million … Read More “Hidden Vulnerabilities of Project Management Tools & How FluentPro Backup Secures Them  – The Hacker News” »

The maintainers of the nx build system have alerted users to a supply chain attack that allowed attackers to publish malicious versions of the popular npm package and other auxiliary plugins with data-gathering capabilities. “Malicious versions of the nx package, as well as some supporting plugin packages, were published to npm, containing code that scans … Read More “Malicious Nx Packages in ‘s1ngularity’ Attack Leaked 2,349 GitHub, Cloud, and AI Credentials  – The Hacker News” »

The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) announced a fresh round of sanctions against two individuals and two entities for their role in the North Korean remote information technology (IT) worker scheme to generate illicit revenue for the regime’s weapons of mass destruction and ballistic missile programs. “The North Korean … Read More “U.S. Treasury Sanctions DPRK IT-Worker Scheme, Exposing $600K Crypto Transfers and $1M+ Profits  – The Hacker News” »

We unpack how some password managers can be tricked into coughing up your secrets, with a clickjacking sleight-of-hand, what website owners can do to prevent it, and how to lock down your personal password vault. Then we time-hope to the post-quantum scramble: “harvest-now, decrypt later”, Microsoft’s 2033 quantum-safe pledge, and whether your printer will survive … Read More “Smashing Security podcast #432: Oops! I auto-filled my password into a cookie banner  – Graham Cluley” »

ESET has identified PromptLock, the first AI-powered ransomware, using OpenAI models to generate scripts that target Windows, Linux…  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

The Treasury Department on Wednesday expanded efforts to disrupt the pervasive North Korean technical worker scheme by imposing sanctions on people and organizations serving as facilitators and fronts for the country’s years-long conspiracy effort to defraud businesses and earn money despite international sanctions.  Vitaly Sergeyevich Andreyev, Kim Ung Sun, Shenyang Geumpungri Network Technology and Korea … Read More “Treasury sanctions North Korea IT worker scheme facilitators and front organizations  – CyberScoop” »

A notorious Chinese hacking campaign against telecommunications companies has now reached into a variety of additional sectors across the globe, including government, transportation, lodging and military targets, according to an alert U.S. and world cybersecurity agencies published Wednesday. The alert is an effort to give technical details to potential victims of the campaign from the … Read More “Salt Typhoon hacking campaign goes beyond previously disclosed targets, world cyber agencies say  – CyberScoop” »

Cybersecurity firm Netcraft has discovered a new task scam cluster that has stolen over $1 million in crypto.…  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

The financially motivated threat actor known as Storm-0501 has been observed refining its tactics to conduct data exfiltration and extortion attacks targeting cloud environments. “Unlike traditional on-premises ransomware, where the threat actor typically deploys malware to encrypt critical files across endpoints within the compromised network and then negotiates for a decryption key,  – Read More  … Read More “Storm-0501 Exploits Entra ID to Exfiltrate and Delete Azure Data in Hybrid Cloud Attacks  – The Hacker News” »

Google says it is starting a cyber “disruption unit,” a development that arrives in a potentially shifting U.S. landscape toward more offensive-oriented approaches in cyberspace. But the contours of that larger shift are still unclear, and whether or to what extent it’s even possible. While there’s some momentum in policymaking and industry circles to put … Read More “Google previews cyber ‘disruption unit’ as U.S. government, industry weigh going heavier on offense  – CyberScoop” »

Farmers Insurance reports a breach affecting 1.1 million customers. Learn how the attack, linked to groups ShinyHunters and…  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto