AttackFeed by Joe Wagner

CloudSEK uncovered a Pakistan-based family cybercrime network that spread infostealers via pirated software, netting $4.67M and millions of…  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

Cybersecurity researchers have detailed the inner workings of an Android banking trojan called ERMAC 3.0, uncovering serious shortcomings in the operators’ infrastructure. “The newly uncovered version 3.0 reveals a significant evolution of the malware, expanding its form injection and data theft capabilities to target more than 700 banking, shopping, and cryptocurrency applications,”  – Read More  … Read More “ERMAC V3.0 Banking Trojan Source Code Leak Exposes Full Malware Infrastructure  – The Hacker News” »

The threat actor known as EncryptHub is continuing to exploit a now-patched security flaw impacting Microsoft Windows to deliver malicious payloads. Trustwave SpiderLabs said it recently observed an EncryptHub campaign that brings together social engineering and the exploitation of a vulnerability in the Microsoft Management Console (MMC) framework (CVE-2025-26633, aka MSC EvilTwin) to trigger  – … Read More “Russian Group EncryptHub Exploits MSC EvilTwin Vulnerability to Deploy Fickle Stealer Malware  – The Hacker News” »

A federal district court declined to step in and review a combined $92 million fine imposed by the Federal Communications Commission on T-Mobile and Sprint for selling customer geolocation data to third parties, saying Congress has recognized “the highly sensitive nature” of such information. In a unanimous decision, the U.S. District Court of Appeals for … Read More “Court rebuffs request by telecoms to review $92 million privacy fine    – CyberScoop” »

A Chinese-speaking advanced persistent threat (APT) actor has been observed targeting web infrastructure entities in Taiwan using customized versions of open-sourced tools with an aim to establish long-term access within high-value victim environments. The activity has been attributed by Cisco Talos to an activity cluster it tracks as UAT-7237, which is believed to be active … Read More “Taiwan Web Servers Breached by UAT-7237 Using Customized Open-Source Hacking Tools  – The Hacker News” »

A federal court has upheld the Federal Communications Commission’s authority to impose stricter data breach notification regulations on the telecom sector, including requirements that the industry notifies customers when their personally identifiable information is exposed in a hack. In a 2-1 decision, the U.S. Sixth Circuit Court of Appeals concluded that the FCC did not … Read More “Court upholds FCC data breach reporting rules on telecom sector  – CyberScoop” »

Cisco disclosed a maximum-severity vulnerability affecting its Secure Firewall Management Center Software that could allow unauthenticated attackers to inject arbitrary shell commands and execute high-privilege commands, the vendor said in a security advisory Thursday.  The enterprise networking vendor said it discovered the vulnerability — CVE-2025-20265 — during internal security testing. Cisco released a patch for … Read More “Cisco discloses maximum-severity defect in firewall software  – CyberScoop” »

Thai police arrest SMS Blaster operator in smishing scam and bust crypto laundering gang moving $30M monthly through…  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

We used to think of privacy as a perimeter problem: about walls and locks, permissions, and policies. But in a world where artificial agents are becoming autonomous actors — interacting with data, systems, and humans without constant oversight — privacy is no longer about control. It’s about trust. And trust, by definition, is about what … Read More “Zero Trust + AI: Privacy in the Age of Agentic AI  – The Hacker News” »

The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) on Thursday renewed sanctions against Russian cryptocurrency exchange platform Garantex for facilitating ransomware actors and other cybercriminals by processing more than $100 million in transactions linked to illicit activities since 2019. The Treasury said it’s also imposing sanctions on Garantex’s successor, Grinex  – … Read More “U.S. Sanctions Garantex and Grinex Over $100M in Ransomware-Linked Illicit Crypto Transactions  – The Hacker News” »

NIST has released a concept paper for new control overlays to secure AI systems, built on the SP…  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

Cisco has released security updates to address a maximum-severity security flaw in Secure Firewall Management Center (FMC) Software that could allow an attacker to execute arbitrary code on affected systems. The vulnerability, assigned the CVE identifier CVE-2025-20265 (CVSS score: 10.0), affects the RADIUS subsystem implementation that could permit an unauthenticated, remote attacker to inject  – … Read More “Cisco Warns of CVSS 10.0 FMC RADIUS Flaw Allowing Remote Code Execution  – The Hacker News” »

Cisco Talos researchers have discovered a dangerous new malware framework called PS1Bot. Active since early 2025, this sophisticated…  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

U.S. officials imposed sanctions Thursday on Russian cryptocurrency exchange Garantex, its successor Grinex, and related affiliates, while also targeting its leaders for arrest with financial rewards. These measures are part of intensified efforts to halt the flow of ransomware proceeds facilitated by the platforms. The Treasury Department’s Office of Foreign Assets Control re-designated Garantex for … Read More “US widens sanctions on Russian crypto exchange Garantex, its successor and affiliate firms  – CyberScoop” »

Beware of fake Netflix job offers! A new phishing campaign is targeting job seekers, using fraudulent interviews to…  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

Multiple HTTP/2 implementations have been found susceptible to a new attack technique called MadeYouReset that could be explored to conduct powerful denial-of-service (DoS) attacks. “MadeYouReset bypasses the typical server-imposed limit of 100 concurrent HTTP/2 requests per TCP connection from a client. This limit is intended to mitigate DoS attacks by restricting the number of simultaneous  … Read More “New HTTP/2 ‘MadeYouReset’ Vulnerability Enables Large-Scale DoS Attacks  – The Hacker News” »

Fake Home Office emails target the UK Visa Sponsorship System, stealing logins to issue fraudulent visas and run…  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

Norway says pro-Russian hackers breached a dam in Bremanger in April, opening a water valve for 4 hours…  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

Japan’s CERT coordination center (JPCERT/CC) on Thursday revealed it observed incidents that involved the use of a command-and-control (C2) framework called CrossC2, which is designed to extend the functionality of Cobalt Strike to other platforms like Linux and Apple macOS for cross-platform system control. The agency said the activity was detected between September and December … Read More “Hackers Found Using CrossC2 to Expand Cobalt Strike Beacon’s Reach to Linux and macOS  – The Hacker News” »

Cybersecurity researchers have disclosed a new Android trojan called PhantomCard that abuses near-field communication (NFC) to conduct relay attacks for facilitating fraudulent transactions in attacks targeting banking customers in Brazil. “PhantomCard relays NFC data from a victim’s banking card to the fraudster’s device,” ThreatFabric said in a report. “PhantomCard is based on  – Read More  … Read More “New Android Malware Wave Hits Banking via NFC Relay Fraud, Call Hijacking, and Root Exploits  – The Hacker News” »

You check that the windows are shut before leaving home. Return to the kitchen to verify that the oven and stove were definitely turned off. Maybe even circle back again to confirm the front door was properly closed. These automatic safety checks give you peace of mind because you know the unlikely but potentially dangerous … Read More “Have You Turned Off Your Virtual Oven?  – The Hacker News” »

Zimperium’s zLabs team uncovers a critical security flaw in the popular Android rooting tool, KernelSU v0.5.7. Learn how…  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

Story teaser text: Cybersecurity leaders face mounting pressure to stop attacks before they start, and the best defense may come down to the settings you choose on day one. In this piece, Yuriy Tsibere explores how default policies like deny-by-default, MFA enforcement, and application Ringfencing ™ can eliminate entire categories of risk. From disabling Office … Read More “Simple Steps for Attack Surface Reduction  – The Hacker News” »

Google said it’s implementing a new policy requiring developers of cryptocurrency exchanges and wallets to obtain government licenses before publishing apps in 15 jurisdictions in order to “ensure a safe and compliant ecosystem for users.” The policy applies to markets like Bahrain, Canada, Hong Kong, Indonesia, Israel, Japan, the Philippines, South Africa, South Korea, Switzerland, … Read More “Google Requires Crypto App Licenses in 15 Regions as FBI Warns of $9.9M Scam Losses  – The Hacker News” »

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added two security flaws impacting N-able N-central to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.  N-able N-central is a Remote Monitoring and Management (RMM) platform designed for Managed Service Providers (MSPs), allowing customers to efficiently manage and secure  – Read More  … Read More “CISA Adds Two N-able N-central Flaws to Known Exploited Vulnerabilities Catalog  – The Hacker News” »

A poisoned Google Calendar invite that can hijack your smart home, a man is hospitalised after ChatGPT told him to season his food with… pesticide, and some thoughts on Superman’s latest cinematic outing. All this and more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley, joined this … Read More “Smashing Security podcast #430: Poisoned Calendar invites, ChatGPT, and Bromide  – Graham Cluley” »

Russia is restricting calls on the WhatsApp and Telegram messaging apps in what it says is a bid to counter criminal activity, but that WhatsApp contends is a response to its defiance of government efforts to violate user communication rights. “According to law enforcement agencies’ information and numerous reports from citizens, the foreign messengers Telegram … Read More “Russia restricts WhatsApp, Telegram calls, alleging criminal, terrorist activity  – CyberScoop” »

Fortinet warned customers in an advisory Tuesday of a critical vulnerability in FortiSIEM, its security information and event management software, adding that “practical exploit code” for the defect exists in the wild. The OS command injection vulnerability, CVE-2025-25256, has an initial CVSS score of 9.8 and could allow unauthenticated attackers to escalate privileges and execute … Read More “Fortinet SIEM issue coincides with spike in brute-force traffic against company’s SSL VPNs  – CyberScoop” »

Kaspersky reports Efimer Trojan infecting thousands, swapping crypto wallets, brute-forcing sites, and spreading through torrents and phishing. Cybercriminals…  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

Two executive orders President Donald Trump has signed in recent months could prove to have a more dramatic impact on cybersecurity than first thought, for better or for worse. Overall, some of Trump’s executive orders have been more about sending a message than spurring lasting change, as there are limits to their powers. Specifically, some … Read More “The overlooked changes that two Trump executive orders could bring to cybersecurity  – CyberScoop” »