AttackFeed by Joe Wagner

A 55-year-old Chinese national has been sentenced to four years in prison and three years of supervised release for sabotaging his former employer’s network with custom malware and deploying a kill switch that locked out employees when his account was disabled. Davis Lu, 55, of Houston, Texas, was convicted of causing intentional damage to protected … Read More “Ex-Developer Jailed Four Years for Sabotaging Ohio Employer with Kill-Switch Malware  – The Hacker News” »

Apple rushed an emergency software update to its customers Wednesday to address an actively exploited zero-day vulnerability affecting the software powering the company’s most popular devices. The out-of-bounds write defect — CVE-2025-43300 — allows attackers to process a malicious image file resulting in memory corruption.  “Apple is aware of a report that this issue may … Read More “Apple discloses actively exploited zero-day affecting iOS, iPadOS and macOS  – CyberScoop” »

The top lawmakers on a key House cybersecurity panel are hoping to remove a barrier to entry for cyber jobs in the federal government. Introduced this week, the Cybersecurity Hiring Modernization Act from Reps. Nancy Mace, R-S.C., and Shontel Brown, D-Ohio, would prioritize skills-based hiring over educational requirements for cyber jobs at federal agencies.  Mace … Read More “House lawmakers take aim at education requirements for federal cyber jobs  – CyberScoop” »

Europol has confirmed that a widely reported $50,000 reward for information on the Qilin ransomware group is a…  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

Qilin ransomware claims a 4TB data breach at Nissan CBI, leaking car design files, financial data, 3D models,…  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

The Chinese state-backed threat group Silk Typhoon has raised the pace of attacks targeting government, technology, legal and professional services in North America since late spring, according to CrowdStrike. “We were calling this jokingly, ‘the summer of Murky Panda,’ because we’ve seen so much activity from them over the last couple of months,” said Adam … Read More “CrowdStrike warns of uptick in Silk Typhoon attacks this summer  – CyberScoop” »

Federal Trade Commission Chair Andrew Ferguson warned U.S. tech companies not to accede to laws in foreign countries that weaken Americans’ free speech or data privacy rights. Specifically, Ferguson cited laws like the European Union’s Digital Service Act and the U.K.’s Online Safety Act as statutes that incentivize U.S. tech companies “to censor speech, including … Read More “FTC warns tech companies not to weaken encryption, free speech practices for foreign governments  – CyberScoop” »

The Chinese state-backed threat group Silk Typhoon has raised the pace of attacks targeting government, technology, legal and professional services in North America since late spring, according to CrowdStrike. “We were calling this jokingly, ‘the summer of Murky Panda,’ because we’ve seen so much activity from them over the last couple of months,” said Adam … Read More “CrowdStrike warns of uptick in Silk Typhoon attacks this summer  – CyberScoop” »

Commvault has released updates to address four security gaps that could be exploited to achieve remote code execution on susceptible instances. The list of vulnerabilities, identified in Commvault versions before 11.36.60, is as follows – CVE-2025-57788 (CVSS score: 6.9) – A vulnerability in a known login mechanism allows unauthenticated attackers to execute API calls without … Read More “Pre-Auth Exploit Chains Found in Commvault Could Enable Remote Code Execution Attacks  – The Hacker News” »

The PromptFix attack tricks AI browsers with fake CAPTCHAs, leading them to phishing sites and fake stores where…  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

Threat actors have been observed leveraging the deceptive social engineering tactic known as ClickFix to deploy a versatile backdoor codenamed CORNFLAKE.V3. Google-owned Mandiant described the activity, which it tracks as UNC5518, as part of an access-as-a-service scheme that employs fake CAPTCHA pages as lures to trick users into providing initial access to their systems, which … Read More “Cybercriminals Deploy CORNFLAKE.V3 Backdoor via ClickFix Tactic and Fake CAPTCHA Pages  – The Hacker News” »

The post ‘Rapper Bot’ hit the Pentagon in at least 3 cyberattacks appeared first on CyberScoop.   – Read More  – CyberScoop 

A 20-year-old Florida man received a 10-year federal prison sentence Wednesday for his role in the notorious Scattered Spider cybercrime organization, marking the first conviction of a member from the group responsible for breaching more than 130 major companies. Noah Michael Urban, 20, of Palm Coast, Fla., pleaded guilty to conspiracy, wire fraud and aggravated … Read More “Florida man gets 10 years in prison in first Scattered Spider sentencing  – CyberScoop” »

Cybersecurity researchers have disclosed details of a new malware loader called QuirkyLoader that’s being used to deliver via email spam campaigns an array of next-stage payloads ranging from information stealers to remote access trojans since November 2024. Some of the notable malware families distributed using QuirkyLoader include Agent Tesla, AsyncRAT, Formbook, Masslogger, Remcos RAT,  – … Read More “Hackers Using New QuirkyLoader Malware to Spread Agent Tesla, AsyncRAT and Snake Keylogger  – The Hacker News” »

Ohio Medical Alliance exposed a medical marijuana patient database containing 957,000 records, including SSNs, IDs, health files, and…  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

As security professionals, it’s easy to get caught up in a race to counter the latest advanced adversary techniques. Yet the most impactful attacks often aren’t from cutting-edge exploits, but from cracked credentials and compromised accounts. Despite widespread awareness of this threat vector, Picus Security’s Blue Report 2025 shows that organizations continue to struggle with … Read More “Weak Passwords and Compromised Accounts: Key Findings from the Blue Report 2025  – The Hacker News” »

A 20-year-old member of the notorious cybercrime gang known as Scattered Spider has been sentenced to ten years in prison in the U.S. in connection with a series of major hacks and cryptocurrency thefts. Noah Michael Urban pleaded guilty to charges related to wire fraud and aggravated identity theft back in April 2025. News of … Read More “Scattered Spider Hacker Gets 10 Years, $13M Restitution for SIM Swapping Crypto Theft  – The Hacker News” »

Apple has released security updates to address a security flaw impacting iOS, iPadOS, and macOS that it said has come under active exploitation in the wild. The zero-day out-of-bounds write vulnerability, tracked as CVE-2025-43300, resides in the ImageIO framework that could result in memory corruption when processing a malicious image. “Apple is aware of a … Read More “Apple Patches CVE-2025-43300 Zero-Day in iOS, iPadOS, and macOS Exploited in Targeted Attacks  – The Hacker News” »

In episode 431 of the “Smashing Security” podcast, a self-proclaimed crypto-influencer calling himself CP3O thought he had found a shortcut to riches — by racking up millions in unpaid cloud bills. Meanwhile, we look at the growing threat of EDR-killer tools that can quietly switch off your endpoint protection before an attack even begins. And … Read More “Smashing Security podcast #431: How to mine millions without paying the bill  – Graham Cluley” »

FBI and Cisco warn Russian hackers are exploiting a 7-year-old Cisco Smart Install vulnerability on outdated routers and…  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

A Russian state-sponsored cyber espionage group known as Static Tundra has been observed actively exploiting a seven-year-old security flaw in Cisco IOS and Cisco IOS XE software as a means to establish persistent access to target networks. Cisco Talos, which disclosed details of the activity, said the attacks single out organizations in telecommunications, higher education … Read More “FBI Warns FSB-Linked Hackers Exploiting Unpatched Cisco Devices for Cyber Espionage  – The Hacker News” »

Popular password manager plugins for web browsers have been found susceptible to clickjacking security vulnerabilities that could be exploited to steal account credentials, two-factor authentication (2FA) codes, and credit card details under certain conditions. The technique has been dubbed Document Object Model (DOM)-based extension clickjacking by independent security researcher Marek Tóth,  – Read More  – … Read More “DOM-Based Extension Clickjacking Exposes Popular Password Managers to Credential and Data Theft  – The Hacker News” »

Frankfurt am Main, Germany, 20th August 2025, CyberNewsWire  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

Doctor Web warns of Android.Backdoor.916.origin, a fake antivirus app that spies on Russian users by stealing data, streaming…  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

A Russian state-sponsored espionage group has been systematically compromising network devices worldwide for over a decade, exploiting a seven-year-old vulnerability to steal sensitive data and establish persistent access to organizations across multiple sectors, according to new research from Cisco Talos Intelligence. The group, designated “Static Tundra” by Cisco Talos, is linked to the Russian Federal … Read More “Russian cyber group exploits seven-year-old network vulnerabilities for long-term espionage  – CyberScoop” »

A Russian state-sponsored espionage group has been systematically compromising network devices worldwide for over a decade, exploiting a seven-year-old vulnerability to steal sensitive data and establish persistent access to organizations across multiple sectors, according to new research from Cisco Talos Intelligence. The group, designated “Static Tundra” by Cisco Talos, is linked to the Russian Federal … Read More “Russian cyber group exploits seven-year-old network vulnerabilities for long-term espionage  – CyberScoop” »

A new report from Red Canary reveals a clever Linux malware called DripDropper that exploits a flaw and…  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

Cybersecurity researchers have demonstrated a new prompt injection technique called PromptFix that tricks a generative artificial intelligence (GenAI) model into carrying out intended actions by embedding the malicious instruction inside a fake CAPTCHA check on a web page. Described by Guardio Labs an “AI-era take on the ClickFix scam,” the attack technique demonstrates how AI-driven … Read More “Experts Find AI Browsers Can Be Tricked by PromptFix Exploit to Run Malicious Hidden Prompts  – The Hacker News” »

Disclosure: This article was provided by ANY.RUN. The information and analysis presented are based on their research and findings.  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

Scammers have been spotted abusing AI site builder Lovable to mimic trusted brands, steal credentials, drain crypto wallets,…  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

Do you know how many AI agents are running inside your business right now? If the answer is “not sure,” you’re not alone—and that’s exactly the concern. Across industries, AI agents are being set up every day. Sometimes by IT, but often by business units moving fast to get results. That means agents are running … Read More “🕵️ Webinar: Discover and Control Shadow AI Agents in Your Enterprise Before Hackers Do  – The Hacker News” »

Modern businesses face a rapidly evolving and expanding threat landscape, but what does this mean for your business? It means a growing number of risks, along with an increase in their frequency, variety, complexity, severity, and potential business impact. The real question is, “How do you tackle these rising threats?” The answer lies in having … Read More “From Impact to Action: Turning BIA Insights Into Resilient Recovery  – The Hacker News” »