AttackFeed by Joe Wagner

Companies in the legal services, software-as-a-service (SaaS) providers, Business Process Outsourcers (BPOs), and technology sectors in the U.S. have been targeted by a suspected China-nexus cyber espionage group to deliver a known backdoor referred to as BRICKSTORM. The activity, attributed to UNC5221 and closely related, suspected China-nexus threat clusters, is designed to facilitate  – Read … Read More “UNC5221 Uses BRICKSTORM Backdoor to Infiltrate U.S. Legal and Technology Sectors  – The Hacker News” »

The 19-year-old U.K. national who was arrested at his London residence last week was a highly prolific cybercriminal and a core member of the nebulous hacker subset of The Com, researchers told CyberScoop. Authorities’ yearslong quest to uncover the identities of Scattered Spider associates and charge them with serious crimes reached a tipping point with … Read More “Teen arrested in UK was a core figure in Scattered Spider’s operations  – CyberScoop” »

Darktrace researchers have uncovered ShadowV2, a new botnet that operates as a DDoS-for-hire service by infecting misconfigured Docker containers on AWS cloud servers.  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

Cybersecurity researchers have disclosed two security flaws in Wondershare RepairIt that exposed private user data and potentially exposed the system to artificial intelligence (AI) model tampering and supply chain risks. The critical-rated vulnerabilities in question, discovered by Trend Micro, are listed below – CVE-2025-10643 (CVSS score: 9.1) – An authentication bypass vulnerability that  – Read … Read More “Two Critical Flaws Uncovered in Wondershare RepairIt Exposing User Data and AI Models  – The Hacker News” »

Ambitious, suspected Chinese hackers with a slew of goals — stealing intellectual property, mining intelligence on national security and trade, developing avenues for future advanced cyberattacks — have been setting up shop inside U.S. target networks for exceptionally long stretches of time, in a breach that the researchers who uncovered it said could present problems … Read More “Brickstorm malware powering ‘next-level’ Chinese cyberespionage campaign  – CyberScoop” »

Cloudflare stopped a record 22.2 Tbps DDoS attack, showing how massive these threats have become and why strong DDoS attack protection is essential.  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

UK police arrest man over cyberattack on Collins Aerospace that disrupted check-in at Heathrow, Berlin, Brussels and other airports.  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

Think payment iframes are secure by design? Think again. Sophisticated attackers have quietly evolved malicious overlay techniques to exploit checkout pages and steal credit card data by bypassing the very security policies designed to stop them. Download the complete iframe security guide here.  TL;DR: iframe Security Exposed Payment iframes are being actively exploited by attackers … Read More “iframe Security Exposed: The Blind Spot Fueling Payment Skimmer Attacks  – The Hacker News” »

Cybersecurity researchers have disclosed details of a new malware family dubbed YiBackdoor that has been found to share “significant” source code overlaps with IcedID and Latrodectus. “The exact connection to YiBackdoor is not yet clear, but it may be used in conjunction with Latrodectus and IcedID during attacks,” Zscaler ThreatLabz said in a Tuesday report. … Read More “New YiBackdoor Malware Shares Major Code Overlaps with IcedID and Latrodectus  – The Hacker News” »

U.S. prosecutors last week levied criminal hacking charges against 19-year-old U.K. national Thalha Jubair for allegedly being a core member of Scattered Spider, a prolific cybercrime group blamed for extorting at least $115 million in ransom payments from victims. The charges came as Jubair and an alleged co-conspirator appeared in a London court to face … Read More “Feds Tie ‘Scattered Spider’ Duo to $115M in Ransoms  – Krebs on Security” »

Most businesses don’t make it past their fifth birthday – studies show that roughly 50% of small businesses fail within the first five years. So when KNP Logistics Group (formerly Knights of Old) celebrated more than a century and a half of operations, it had mastered the art of survival. For 158 years, KNP adapted and endured, … Read More “How One Bad Password Ended a 158-Year-Old Business  – The Hacker News” »

Think payment iframes are secure by design? Think again. Sophisticated attackers have quietly evolved malicious overlay techniques to exploit checkout pages and steal credit card data by bypassing the very security policies designed to stop them. Download the complete iframe security guide here.  TL;DR: iframe Security Exposed Payment iframes are being actively exploited by attackers … Read More “iframe Security Exposed: The Blind Spot Fueling Payment Skimmer Attacks  – The Hacker News” »

The FBI is warning internet users about fake versions of its official IC3 cybercrime reporting website. Learn how to spot these ‘spoofed’ sites, avoid scams where criminals impersonate agents, and protect your personal information by following the FBI’s crucial safety tips.  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

Cloud security company Wiz has revealed that it uncovered in-the-wild exploitation of a security flaw in a Linux utility called Pandoc as part of attacks designed to infiltrate Amazon Web Services (AWS) Instance Metadata Service (IMDS). The vulnerability in question is CVE-2025-51591 (CVSS score: 6.5), which refers to a case of Server-Side Request Forgery (SSRF) … Read More “Hackers Exploit Pandoc CVE-2025-51591 to Target AWS IMDS and Steal EC2 IAM Credentials  – The Hacker News” »

Libraesva has released a security update to address a vulnerability in its Email Security Gateway (ESG) solution that it said has been exploited by state-sponsored threat actors. The vulnerability, tracked as CVE-2025-59689, carries a CVSS score of 6.1, indicating medium severity. “Libraesva ESG is affected by a command injection flaw that can be triggered by … Read More “State-Sponsored Hackers Exploiting Libraesva Email Security Gateway Vulnerability  – The Hacker News” »

Microsoft patched an Entra ID vulnerability that let attackers impersonate Global Admins across tenants, risking full Microsoft 365 and Azure takeover.  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

Researchers say a Russian group sanctioned by the European Union and wanted by the U.S. government is behind an influence operation targeting upcoming elections in Moldova. In a report released Tuesday, researchers at the Atlantic Council’s Digital Forensic Research Lab said that REST Media — an online news outlet launched in June whose posts have … Read More “Researchers say media outlet targeting Moldova is a Russian cutout  – CyberScoop” »

Cybersecurity researchers have disclosed details of two security vulnerabilities impacting Supermicro Baseboard Management Controller (BMC) firmware that could potentially allow attackers to bypass crucial verification steps and update the system with a specially crafted image. The medium-severity vulnerabilities, both of which stem from improper verification of a cryptographic signature, are  – Read More  – The … Read More “Two New Supermicro BMC Bugs Allow Malicious Firmware to Evade Root of Trust Security  – The Hacker News” »

Terminating their employment is the easy part. The rest is complicated. When enterprises discover they have inadvertently hired North Korean information technology workers, they face a cascade of urgent decisions involving sanctions law, cybersecurity protocols, and law enforcement cooperation that can expose them to significant legal and financial risks. Incident response experts and cybersecurity lawyers … Read More “What to do if your company discovers a North Korean worker in its ranks  – CyberScoop” »

Law enforcement authorities in Europe have arrested five suspects in connection with an “elaborate” online investment fraud scheme that stole more than €100 million ($118 million) from over 100 victims in France, Germany, Italy, and Spain. According to Eurojust, the coordinated action saw searches in five places across Spain and Portugal, as well as in … Read More “Eurojust Arrests 5 in €100M Cryptocurrency Investment Fraud Spanning 23 Countries  – The Hacker News” »

New research from Check Point Research reveals the Iranian cyber group Nimbus Manticore is targeting defence, telecom, and aerospace companies in Europe with fake job offers. Learn how they use advanced malware to steal sensitive data.  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

Pittsburg, United States, 23rd September 2025, CyberNewsWire  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

The U.S. Secret Service on Tuesday said it took down a network of electronic devices located across the New York tri-state area that were used to threaten U.S. government officials and posed an imminent threat to national security. “This protective intelligence investigation led to the discovery of more than 300 co-located SIM servers and 100,000 … Read More “U.S. Secret Service Seizes 300 SIM Servers, 100K Cards Threatening U.S. Officials Near UN  – The Hacker News” »

In episode 69 of The AI Fix, our hosts discover brain rot, a shark wears trainers on its fins, an AI writes a terrible J-Pop song, Graham learns that ants don’t care about AI, Mark predicts the precise date of Graham’s demise, Norway trusts $1.9 trillion to an AI investor, and Florida thins out its … Read More “The AI Fix #69: How we really use ChatGPT, and will AI agents crash the economy?  – Graham Cluley” »

The Secret Service said Tuesday that it disrupted a network of electronic devices in the New York City area that posed imminent telecommunications-based threats to U.S. government officials and potentially the United Nations General Assembly meeting currently underway. The range of threats included enabling encrypted communications between threat groups and criminals, or disabling cell towers … Read More “Secret Service says it dismantled extensive telecom threat in NYC area  – CyberScoop” »

Austin, Texas, USA, 23rd September 2025, CyberNewsWire  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

SolarWinds has released hot fixes to address a critical security flaw impacting its Web Help Desk software that, if successfully exploited, could allow attackers to execute arbitrary commands on susceptible systems. The vulnerability, tracked as CVE-2025-26399 (CVSS score: 9.8), has been described as an instance of deserialization of untrusted data that could result in code … Read More “SolarWinds Releases Hotfix for Critical CVE-2025-26399 Remote Code Execution Flaw  – The Hacker News” »

Cybersecurity researchers have disclosed details of a new botnet that customers can rent access to conduct distributed denial-of-service (DDoS) attacks against targets of interest. The ShadowV2 botnet, according to Darktrace, predominantly targets misconfigured Docker containers on Amazon Web Services (AWS) cloud servers to deploy a Go-based malware that turns infected systems into attack nodes  – … Read More “ShadowV2 Botnet Exploits Misconfigured AWS Docker Containers for DDoS-for-Hire Service  – The Hacker News” »

Big companies are getting smaller, and their CEOs want everyone to know it. Wells Fargo has cut its workforce by 23% over five years, Bank of America has shed 88,000 employees since 2010, and Verizon’s CEO recently boasted that headcount is “going down all the time.” What was once a sign of corporate distress has … Read More “Lean Teams, Higher Stakes: Why CISOs Must Rethink Incident Remediation  – The Hacker News” »

The Inc ransomware gang claims to have stolen 5.7 TB of data from the Pennsylvania Attorney General’s office in an August 2025 attack. Find out how the breach unfolded, why government agencies are a top target, and what this means for citizens.  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & … Read More “Inc Ransomware Group Claims 5.7 TB Theft from Pennsylvania Attorney General’s Office  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto” »

Every SOC leader understands that faster threat detection is better. But the difference between knowing it and building…  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

GitHub on Monday announced that it will be changing its authentication and publishing options “in the near future” in response to a recent wave of supply chain attacks targeting the npm ecosystem, including the Shai-Hulud attack. This includes steps to address threats posed by token abuse and self-replicating malware by allowing local publishing with required … Read More “GitHub Mandates 2FA and Short-Lived Tokens to Strengthen npm Supply Chain Security  – The Hacker News” »

Cybersecurity researchers are calling attention to a search engine optimization (SEO) poisoning campaign likely undertaken by a Chinese-speaking threat actor using a malware called BadIIS in attacks targeting East and Southeast Asia, particularly with a focus on Vietnam. The activity, dubbed Operation Rewrite, is being tracked by Palo Alto Networks Unit 42 under the moniker … Read More “BadIIS Malware Spreads via SEO Poisoning — Redirects Traffic, Plants Web Shells  – The Hacker News” »