1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Tigo Energy Equipment: Cloud Connect Advanced Vulnerabilities: Use of Hard-coded Credentials, Command Injection, Predictable Seed in Pseudo-Random Number Generator (PRNG). 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow attackers to gain unauthorized administrative access using hard-coded credentials, escalate privileges … Read More “Tigo Energy Cloud Connect Advanced – All CISA Advisories” »
Experts, including Allan Friedman, CISA’s leading voice on SBOMs until July 2025, emphasized that AI BOMs should be standardized before being implemented – Read More –
SecAlliance highlighted the evolution in smishing campaigns orchestrated by Chinese syndicates, which exploit digital wallet tokenization – Read More –
Cursor AI Code Editor Vulnerability Enables RCE via Malicious MCP File Swaps Post Approval – The Hacker News
			
				Cybersecurity researchers have disclosed a high-severity security flaw in the artificial intelligence (AI)-powered code editor Cursor that could result in remote code execution. The vulnerability, tracked as CVE-2025-54136 (CVSS score: 7.2), has been codenamed MCPoison by Check Point Research, owing to the fact that it exploits a quirk in the way the software handles modifications … Read More “Cursor AI Code Editor Vulnerability Enables RCE via Malicious MCP File Swaps Post Approval – The Hacker News” »
Google has released security updates to address multiple security flaws in Android, including fixes for two Qualcomm bugs that were flagged as actively exploited in the wild. The vulnerabilities include CVE-2025-21479 (CVSS score: 8.6) and CVE-2025-27038 (CVSS score: 7.5), both of which were disclosed alongside CVE-2025-21480 (CVSS score: 8.6), by the chipmaker back in June … Read More “Google’s August Patch Fixes Two Qualcomm Vulnerabilities Exploited in the Wild – The Hacker News” »
In episode 62 of The AI Fix, your hosts learn how AI models smash through CAPTCHA roadblocks like they’re made of wet tissue paper – so much for humanity’s last line of defence. Meanwhile, we meet a bottle-flipping robot and call BS on a cartwheeling cyborg, Graham has a full-blown breakdown over traffic light puzzles, … Read More “The AI Fix #62: AI robots can now pass CAPTCHAs, and punch you in the face – Graham Cluley” »
Pandora Cyber Attack Exposes Customer Data Via Third-Party Vendor – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
			
				Pandora cyber attack exposes customer data via third-party breach. No passwords or payment info leaked, but phishing risks remain. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Critical vulnerabilities in NVIDIA’s Triton Inference Server, discovered by researchers, could allow unauthenticated attackers to gain full server control through remote code execution – Read More –
IANS found that stagnant budget growth rates have significantly impacted CISOs’ ability to increase their teams’ headcount – Read More –
Discord CDN Link Abused to Deliver RAT Disguised as OneDrive File – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
			
				Hackers are installing multiple RMMs like Atera and Splashtop in a new malware attack. This article details the abuse of a Discord CDN link and a fake OneDrive phishing campaign discovered by Sublime Security. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Misconfigurations Are Not Vulnerabilities: The Costly Confusion Behind Security Risks – The Hacker News
			
				In SaaS security conversations, “misconfiguration” and “vulnerability” are often used interchangeably. But they’re not the same thing. And misunderstanding that distinction can quietly create real exposure. This confusion isn’t just semantics. It reflects a deeper misunderstanding of the shared responsibility model, particularly in SaaS environments where the line between vendor and customer – Read More … Read More “Misconfigurations Are Not Vulnerabilities: The Costly Confusion Behind Security Risks – The Hacker News” »
SecurityScorecard analysis highlights wide variety of Iranian threat actors and coordination with military activity – Read More –
Why do SOC teams still drown in alerts even after spending big on security tools? False positives pile up, stealthy threats slip through, and critical incidents get buried in the noise. Top CISOs have realized the solution isn’t adding more and more tools to SOC workflows but giving analysts the speed and visibility they need … Read More “How Top CISOs Save Their SOCs from Alert Chaos to Never Miss Real Incidents – The Hacker News” »
Cifas noted a record number of filings in its National Fraud Database for the first half of 2025 – Read More –
15,000 Fake TikTok Shop Domains Deliver Malware, Steal Crypto via AI-Driven Scam Campaign – The Hacker News
			
				Cybersecurity researchers have lifted the veil on a widespread malicious campaign that’s targeting TikTok Shop users globally with an aim to steal credentials and distribute trojanized apps. “Threat actors are exploiting the official in-app e-commerce platform through a dual attack strategy that combines phishing and malware to target users,” CTM360 said. “The core tactic involves … Read More “15,000 Fake TikTok Shop Domains Deliver Malware, Steal Crypto via AI-Driven Scam Campaign – The Hacker News” »
The BFSI (Banking, Financial Services, and Insurance) industry is experiencing constant pressure on cybersecurity issues in the ever-growing digital… The post Why BFSI needs column-level encryption appeared first on JISA Softech Pvt Ltd. – Read More – JISA Softech Pvt Ltd
SonicWall Investigating Potential SSL VPN Zero-Day After 20+ Targeted Attacks Reported – The Hacker News
			
				SonicWall said it’s actively investigating reports to determine if there is a new zero-day vulnerability following reports of a spike in Akira ransomware actors in late July 2025. “Over the past 72 hours, there has been a notable increase in both internally and externally reported cyber incidents involving Gen 7 SonicWall firewalls where SSLVPN is … Read More “SonicWall Investigating Potential SSL VPN Zero-Day After 20+ Targeted Attacks Reported – The Hacker News” »
Defense in depth — the Microsoft way (part 91): yet another 30 year old bug of the “Properties” shell extension – Full Disclosure
			
				Posted by Stefan Kanthak via Fulldisclosure on Aug 04 Hi @ll, this extends the previous post titled Defense in depth — the Microsoft way (part 90): “Digital Signature” property sheet missing without “Read Extended Attributes” access permission <https://seclists.org/fulldisclosure/2025/Jul/39>, to document another facet of this 30 year old bug in the “Properties” shell extension. About … Read More “Defense in depth — the Microsoft way (part 91): yet another 30 year old bug of the “Properties” shell extension – Full Disclosure” »
Google addressed six vulnerabilities affecting Android devices in its August security update, marking a months-long lull in the number of software defects disclosed and patched in the mobile operating system this summer. The company issued no security patches in its update last month. Yet, monthly Android security bulletins typically address dozens of vulnerabilities. Google’s Android … Read More “Google addresses six vulnerabilities in August’s Android security update – CyberScoop” »
Artificial intelligence startup Perplexity is using stealthy techniques to get around network blocks against systematic browsing and scraping of web pages, Cloudflare said Monday in a blog post. The alleged activity prompted Cloudflare, which received complaints from its customers, to take action against Perplexity. “There are clear preferences that crawlers should be transparent, serve a … Read More “AI company Perplexity is sneaking to get around blocks on crawlers, Cloudflare alleges – CyberScoop” »
Hackers Abuse Microsoft 365 Direct Send to Deliver Internal Phishing Emails – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
			
				A new Proofpoint report reveals how attackers are using Microsoft 365’s Direct Send and unsecured SMTP relays to… – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
‘Highly evasive’ Vietnamese-speaking hackers stealing data from thousands of victims in 62+ nations – CyberScoop
			
				Vietnamese-speaking hackers are carrying out a “highly evasive, multi-stage operation” to steal information from thousands of victims in more than 62 countries, researchers said in a report published Monday. The attackers emerged late last year but have evolved with novel techniques this year, with SentinelLABS of SentinelOne and Beazley Security ultimately identifying 4,000 victims, most … Read More “‘Highly evasive’ Vietnamese-speaking hackers stealing data from thousands of victims in 62+ nations – CyberScoop” »
BlackSuit’s technical infrastructure was seized in a globally coordinated takedown operation last month that authorities touted as a significant blow in the fight against cybercrime. The ransomware group’s leak site has displayed a seizure notice since July 24. The takedown followed a long investigation, which allowed authorities to confiscate “considerable amounts of data,” and identify … Read More “Details emerge on BlackSuit ransomware takedown – CyberScoop” »
New JSCEAL Malware Targets Millions via Fake Crypto App Ads – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
			
				JSCEAL malware targets millions using fake crypto app ads to steal wallets and data. Users urged to stay alert and avoid downloading from untrusted sources. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
NVIDIA Triton Bugs Let Unauthenticated Attackers Execute Code and Hijack AI Servers – The Hacker News
			
				A newly disclosed set of security flaws in NVIDIA’s Triton Inference Server for Windows and Linux, an open-source platform for running artificial intelligence (AI) models at scale, could be exploited to take over susceptible servers. “When chained together, these flaws can potentially allow a remote, unauthenticated attacker to gain complete control of the server, achieving … Read More “NVIDIA Triton Bugs Let Unauthenticated Attackers Execute Code and Hijack AI Servers – The Hacker News” »
Vietnamese Hackers Use PXA Stealer, Hit 4,000 IPs and Steal 200,000 Passwords Globally – The Hacker News
			
				Cybersecurity researchers are calling attention to a new wave of campaigns distributing a Python-based information stealer called PXA Stealer. The malicious activity has been assessed to be the work of Vietnamese-speaking cybercriminals who monetize the stolen data through a subscription-based underground ecosystem that automates the resale and reuse via Telegram APIs, according to a joint … Read More “Vietnamese Hackers Use PXA Stealer, Hit 4,000 IPs and Steal 200,000 Passwords Globally – The Hacker News” »
Python-based PXA Stealer has stolen data from more than 4000 victims in over 62 countries, according to SentinelLABS – Read More –
PlayPraetor Android Trojan Infects 11,000+ Devices via Fake Google Play Pages and Meta Ads – The Hacker News
			
				Cybersecurity researchers have discovered a nascent Android remote access trojan (RAT) called PlayPraetor that has infected more than 11,000 devices, primarily across Portugal, Spain, France, Morocco, Peru, and Hong Kong. “The botnet’s rapid growth, which now exceeds 2,000 new infections per week, is driven by aggressive campaigns focusing on Spanish and French speakers, indicating a … Read More “PlayPraetor Android Trojan Infects 11,000+ Devices via Fake Google Play Pages and Meta Ads – The Hacker News” »
Local Government Cybersecurity: Why Municipal Systems Need Extra Protection – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
			
				Cybersecurity threats to local governments are part of life in the digital environment in which people live today.… – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
The Senate voted to confirm Sean Cairncross as national cyber director Saturday, giving the Trump administration one of its top cyber officials after a more than five-month process. The vote was 59-35. President Donald Trump nominated Cairncross on Feb. 12. The Senate Homeland Security and Governmental Affairs Committee held a hearing on his nomination in … Read More “Senate confirms national cyber director pick Sean Cairncross – CyberScoop” »
North Korean operatives seeking and gaining technical jobs with foreign companies kept CrowdStrike busy, accounting for almost one incident response case or investigation per day in the past year, the company said in its annual threat hunting report released Monday. “We saw a 220% year-over-year increase in the last 12 months of Famous Chollima activity,” … Read More “CrowdStrike investigated 320 North Korean IT worker cases in the past year – CyberScoop” »
Everyone’s an IT decision-maker now. The employees in your organization can install a plugin with just one click, and they don’t need to clear it with your team first. It’s great for productivity, but it’s a serious problem for your security posture. When the floodgates of SaaS and AI opened, IT didn’t just get democratized, … Read More “The Wild West of Shadow IT – The Hacker News” »
Early Bird Registration Now Open for The Inaugural OpenSSL Conference 2025 – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
			
				Newark, United States, 4th August 2025, CyberNewsWire – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Some of the most devastating cyberattacks don’t rely on brute force, but instead succeed through stealth. These quiet intrusions often go unnoticed until long after the attacker has disappeared. Among the most insidious are man-in-the-middle (MITM) attacks, where criminals exploit weaknesses in communication protocols to silently position themselves between two unsuspecting parties – Read More … Read More “Man-in-the-Middle Attack Prevention Guide – The Hacker News” »
Bitdefender Warns Users to Update Dahua Cameras Over Critical Flaws – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
			
				Security researchers at Bitdefender have found two critical vulnerabilities (CVE-2025-31700, CVE-2025-31701) in popular Dahua security cameras, including the Hero C1 model. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
⚡ Weekly Recap: VPN 0-Day, Encryption Backdoor, AI Malware, macOS Flaw, ATM Hack & More – The Hacker News
			
				Malware isn’t just trying to hide anymore—it’s trying to belong. We’re seeing code that talks like us, logs like us, even documents itself like a helpful teammate. Some threats now look more like developer tools than exploits. Others borrow trust from open-source platforms, or quietly build themselves out of AI-written snippets. It’s not just about … Read More “⚡ Weekly Recap: VPN 0-Day, Encryption Backdoor, AI Malware, macOS Flaw, ATM Hack & More – The Hacker News” »
LegalPwn Attack Tricks GenAI Tools Into Misclassifying Malware as Safe Code – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
			
				A new security flaw, LegalPwn, exploits a weakness in generative AI tools like GitHub Copilot and ChatGPT, where malicious code is disguised as legal disclaimers. Learn why human oversight is now more critical than ever for AI security. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
With the changing needs of customers and the emergence of an increasingly digital financial service industry, Open Banking has… The post Open Banking: Balancing Innovation & Risk appeared first on JISA Softech Pvt Ltd. – Read More – JISA Softech Pvt Ltd
CrowdStrike revealed the surge in cloud intrusions was partly driven by a 40% increase in Chinese-state actors exploiting these environments – Read More –
The Pwn2Own competition is offering a $1m reward to any teams able to unearth a WhatsApp code execution exploit – Read More –
Arctic Wolf has spotted an increase in Akira ransomware attacks targeting SonicWall SSL VPNs – Read More –
Web traffic to AI sites surged 50% from Feb 2024 to Jan 2025, driven by browser-based GenAI tools – Read More –
Forescout also observed a big rise in CVEs added to CISA’s KEV catalog, some of which impacted end-of-life products – Read More –
Posted by Apple Product Security via Fulldisclosure on Aug 02 APPLE-SA-07-30-2025-1 Safari 18.6 Safari 18.6 addresses the following issues. Information about the security content is also available at https://support.apple.com/124152. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. libxml2 Available for: macOS Ventura and macOS Sonoma Impact: … Read More “APPLE-SA-07-30-2025-1 Safari 18.6 – Full Disclosure” »
Rtpengine: RTP Inject and RTP Bleed vulnerabilities despite proper configuration (CVSS v4.0 Score: 9.3 / Critical) – Full Disclosure
			
				Posted by Sandro Gauci via Fulldisclosure on Aug 02 Rtpengine: RTP Inject and RTP Bleed vulnerabilities despite proper configuration (CVSS v4.0 Score: 9.3 / Critical) – CVSS v4.0 – Exploitability: High – Complexity: Low – Vulnerable system: Medium – Subsequent system: Medium – Exploitation: High – Security requirements: High – Vector: https://www.first.org/cvss/calculator/4-0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:H/SI:H/SA:H – Other … Read More “Rtpengine: RTP Inject and RTP Bleed vulnerabilities despite proper configuration (CVSS v4.0 Score: 9.3 / Critical) – Full Disclosure” »
New Attack Uses Windows Shortcut Files to Install REMCOS Backdoor – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
			
				Security firm Point Wild has exposed a new malware campaign using malicious LNK files to install the REMCOS backdoor. This report details how attackers disguise files to gain full system control. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
CL-STA-0969 Installs Covert Malware in Telecom Networks During 10-Month Espionage Campaign – The Hacker News
			
				Telecommunications organizations in Southeast Asia have been targeted by a state-sponsored threat actor known as CL-STA-0969 to facilitate remote control over compromised networks. Palo Alto Networks Unit 42 said it observed multiple incidents in the region, including one aimed at critical telecommunications infrastructure between February and November 2024. The attacks are characterized by the – … Read More “CL-STA-0969 Installs Covert Malware in Telecom Networks During 10-Month Espionage Campaign – The Hacker News” »
New ‘Plague’ PAM Backdoor Exposes Critical Linux Systems to Silent Credential Theft – The Hacker News
			
				Cybersecurity researchers have flagged a previously undocumented Linux backdoor dubbed Plague that has managed to evade detection for a year. “The implant is built as a malicious PAM (Pluggable Authentication Module), enabling attackers to silently bypass system authentication and gain persistent SSH access,” Nextron Systems researcher Pierre-Henri Pezier said. Pluggable Authentication Modules – Read More … Read More “New ‘Plague’ PAM Backdoor Exposes Critical Linux Systems to Silent Credential Theft – The Hacker News” »
US Government Begins $200M Payouts to Backpage Trafficking Victims – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
			
				The US DOJ has announced the largest-ever compensation process for human trafficking victims of Backpage. Learn about the $200M fund, who is eligible, and the steps to file a petition before the February 2, 2026, deadline. This comes years after the site’s seizure, as previously reported by Hackread.com. – Read More – Hackread – Latest … Read More “US Government Begins $200M Payouts to Backpage Trafficking Victims – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto” »




