AttackFeed by Joe Wagner

The Middle East and North Africa have become the target of a new campaign that delivers a modified version of a known malware called AsyncRAT since September 2024. “The campaign, which leverages social media to distribute malware, is tied to the region’s current geopolitical climate,” Positive Technologies researchers Klimentiy Galkin and Stanislav Pyzhov said in … Read More “Desert Dexter Targets 900 Victims Using Facebook Ads and Telegram Malware Links  – The Hacker News” »

The Need For Unified Security Google Workspace is where teams collaborate, share ideas, and get work done. But while it makes work easier, it also creates new security challenges. Cybercriminals are constantly evolving, finding ways to exploit misconfigurations, steal sensitive data, and hijack user accounts. Many organizations try to secure their environment by piecing together … Read More “Why The Modern Google Workspace Needs Unified Security  – The Hacker News” »

Cyber threats today don’t just evolve—they mutate rapidly, testing the resilience of everything from global financial systems to critical infrastructure. As cybersecurity confronts new battlegrounds—ranging from nation-state espionage and ransomware to manipulated AI chatbots—the landscape becomes increasingly complex, prompting vital questions: How secure are our cloud environments? Can our  – Read More  – The Hacker … Read More “⚡ THN Weekly Recap: New Attacks, Old Tricks, Bigger Impact  – The Hacker News” »

A new mass malware campaign is infecting users with a cryptocurrency miner named SilentCryptoMiner by masquerading it as a tool designed to circumvent internet blocks and restrictions around online services. Russian cybersecurity company Kaspersky said the activity is part of a larger trend where cybercriminals are increasingly leveraging Windows Packet Divert (WPD) tools to distribute … Read More “SilentCryptoMiner Infects 2,000 Russian Users via Fake VPN and DPI Bypass Tools  – The Hacker News” »

A Storm of Scams Awaits!  – Read More  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News 

In September 2023, KrebsOnSecurity published findings from security researchers who concluded that a series of six-figure cyberheists across dozens of victims resulted from thieves cracking master passwords stolen from the password manager service LastPass in 2022. In a court filing this week, U.S. federal agents investigating a spectacular $150 million cryptocurrency heist said they had … Read More “Feds Link $150M Cyberheist to 2022 LastPass Hacks  – Krebs on Security” »

Outpost24’s KrakenLabs reveals EncryptHub’s multi-stage malware campaign, exposing their infrastructure and tactics through critical OPSEC failures. Learn how…  – Read More  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News 

Cryptocurrency offers financial freedom, but it also comes with privacy challenges. Unlike traditional banking, where transactions remain relatively…  – Read More  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News 

When the Trump administration began sidelining and laying off personnel at the Cybersecurity and Infrastructure Security Agency, it started by targeting employees who worked on election security and disinformation. At the same time, the Department Homeland Security announced it would conduct a comprehensive review of CISA’s election security mission. This week, the agency confirmed that … Read More “CISA completed its election security review. It won’t make the results public  – CyberScoop” »

The FBI and threat researchers are warning executives to be on the lookout for physical letters in the mail threatening to leak sensitive corporate data.  The letters, which are stamped “time sensitive read immediately” and shipped directly to executives through the Postal Service, are part of a nationwide scam designed to extort victims into paying … Read More “Ransomware poseurs are trying to extort businesses through physical letters  – CyberScoop” »

U.S. and European law enforcement agencies have seized the infrastructure of Garantex, a cryptocurrency exchange accused of laundering billions in criminal proceeds, in a sweeping international operation that signals heightened focus on illicit financial flows in cryptocurrency markets. According to Justice Department documents unsealed Friday, the Moscow-based exchange processed approximately $96 billion in cryptocurrency transactions … Read More “Russian crypto exchange Garantex seized in international law enforcement operation  – CyberScoop” »

Threat hunters have shed light on a “sophisticated and evolving malware toolkit” called Ragnar Loader that’s used by various cybercrime and ransomware groups like Ragnar Locker (aka Monstrous Mantis), FIN7, FIN8, and Ruthless Mantis (ex-REvil). “Ragnar Loader plays a key role in keeping access to compromised systems, helping attackers stay in networks for long-term operations,” … Read More “FIN7, FIN8, and Others Use Ragnar Loader for Persistent Access and Ransomware Operations  – The Hacker News” »

Microsoft Threat Intelligence exposes a malvertising campaign exploiting GitHub, Discord, and Dropbox. Discover the multi-stage attack chain, the…  – Read More  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News 

Microsoft has disclosed details of a large-scale malvertising campaign that’s estimated to have impacted over one million devices globally as part of what it said is an opportunistic attack designed to steal sensitive information. The tech giant, which detected the activity in early December 2024, is tracking it under the broader umbrella Storm-0408, a moniker … Read More “Microsoft Warns of Malvertising Campaign Infecting Over 1 Million Devices Worldwide  – The Hacker News” »

Are you tired of dealing with outdated security tools that never seem to give you the full picture? You’re not alone. Many organizations struggle with piecing together scattered information, leaving your apps vulnerable to modern threats. That’s why we’re excited to introduce a smarter, unified approach: Application Security Posture Management (ASPM). ASPM brings together the … Read More “Webinar: Learn How ASPM Transforms Application Security from Reactive to Proactive  – The Hacker News” »

Access on-demand webinar here Avoid a $100,000/month Compliance Disaster March 31, 2025: The Clock is Ticking. What if a single overlooked script could cost your business $100,000 per month in non-compliance fines? PCI DSS v4 is coming, and businesses handling payment card data must be prepared. Beyond fines, non-compliance exposes businesses to web skimming, third-party … Read More “What PCI DSS v4 Really Means – Lessons from A&F Compliance Journey  – The Hacker News” »

A coalition of international law enforcement agencies has seized the website associated with the cryptocurrency exchange Garantex (“garantex[.]org”), nearly three years after the service was sanctioned by the U.S. Treasury Department in April 2022. “The domain for Garantex has been seized by the United States Secret Service pursuant to a seizure warrant obtained by the … Read More “U.S. Secret Service Seizes Russian Garantex Crypto Exchange Website  – The Hacker News” »

Cybersecurity researchers have discovered a malicious Python package on the Python Package Index (PyPI) repository that’s equipped to steal a victim’s Ethereum private keys by impersonating popular libraries. The package in question is set-utils, which has received 1,077 downloads to date. It’s no longer available for download from the official registry. “Disguised as a simple … Read More “This Malicious PyPI Package Stole Ethereum Private Keys via Polygon RPC Transactions  – The Hacker News” »

SafeWallet has revealed that the cybersecurity incident that led to the Bybit $1.5 billion crypto heist is a “highly sophisticated, state-sponsored attack,” stating the North Korean threat actors behind the hack took steps to erase traces of the malicious activity in an effort to hamper investigation efforts. The multi-signature (multisig) platform, which has roped in … Read More “SafeWallet Confirms North Korean TraderTraitor Hackers Stole $1.5 Billion in Bybit Heist  – The Hacker News” »

Threat actors of unknown provenance have been attributed to a malicious campaign predominantly targeting organizations in Japan since January 2025. “The attacker has exploited the vulnerability CVE-2024-4577, a remote code execution (RCE) flaw in the PHP-CGI implementation of PHP on Windows, to gain initial access to victim machines,” Cisco Talos researcher Chetan Raghuprasad said in … Read More “PHP-CGI RCE Flaw Exploited in Attacks on Japan’s Tech, Telecom, and E-Commerce Sectors  – The Hacker News” »

At 49, Branden Spikes isn’t just one of the oldest technologists who has been involved in Elon Musk’s Department of Government Efficiency (DOGE). As the current director of information technology at X/Twitter and an early hire at PayPal, Zip2, Tesla and SpaceX, Spikes is also among Musk’s most loyal employees. Here’s a closer look at … Read More “Who is the DOGE and X Technician Branden Spikes?  – Krebs on Security” »

Discover how artificial intelligence is shaping the future of workplace management, from optimizing efficiency to enhancing employee experience.…  – Read More  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News 

One of the many advancements in the financial system is the adoption of Bitcoin, which has shifted the…  – Read More  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News 

Tata Technologies hit by Hunters International ransomware attack. The group threatened to leak 1.4TB of data. Learn about…  – Read More  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News 

Socket exposes a typosquatting campaign delivering malware to Linux and macOS systems via malicious Go packages. Discover the…  – Read More  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News 

One of the most successful actions that cyber threat actors have historically taken is in the use of “phishing” while misrepresenting themselves and convincing people to give up their logins, passwords and/or control of their device. The problem with this is that the users volunteer their information and therefore the breach can’t be prosecuted. Anydesk … Read More “Victims of Cybercrime that create their own demise  – Da Vinci Cybersecurity: Leading Cyber Security Services in South Africa.” »

U.S. indicts 12 in Chinese Hacker-for-Hire Network tied to cyber attacks on governments & media. DOJ offers $10M reward for info on key suspects.  – Read More  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News 

Palo Alto, Singapore, 6th March 2025, CyberNewsWire  – Read More  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News 

The Chinese state-backed threat group Silk Typhoon shifted tactics in late 2024 to broaden access and enable follow-on attacks against downstream customers of its initial targets, Microsoft Threat Intelligence said in a blog released Wednesday.  The Chinese espionage group, which is also known as APT27, has abused stolen API keys and credentials for privileged access … Read More “Silk Typhoon shifted to specifically targeting IT management companies  – CyberScoop” »

YouTube CEO Neal Mohan was impersonated in a deepfake phishing scam. Learn about the attack, how to spot…  – Read More  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News 

The threat actors behind the Medusa ransomware have claimed nearly 400 victims since it first emerged in January 2023, with the financially motivated attacks witnessing a 42% increase between 2023 and 2024. In the first two months of 2025 alone, the group has claimed over 40 attacks, according to data from the Symantec Threat Hunter … Read More “Medusa Ransomware Hits 40+ Victims in 2025, Demands $100K–$15M Ransom  – The Hacker News” »

The financially motivated threat actor known as EncryptHub has been observed orchestrating sophisticated phishing campaigns to deploy information stealers and ransomware, while also working on a new product called EncryptRAT. “EncryptHub has been observed targeting users of popular applications, by distributing trojanized versions,” Outpost24 KrakenLabs said in a new report shared with The  – Read … Read More “EncryptHub Deploys Ransomware and Stealer via Trojanized Apps, PPI Services, and Phishing  – The Hacker News” »