AttackFeed by Joe Wagner

The Committee on Foreign Investment in the United States just published its 2024 report, revealing once again that shielding U.S. tech from risky foreign investments was a critical focus for the interagency group that reviews investments in the United States for national security risks. But as U.S.-China tensions further intensify, bolstering these reviews is even … Read More “The U.S. should bolster investment reviews to combat China  – CyberScoop” »

North Korean threat actors have been attributed to a coordinated cyber espionage campaign targeting diplomatic missions in their southern counterpart between March and July 2025. The activity manifested in the form of at least 19 spear-phishing emails that impersonated trusted diplomatic contacts with the goal of luring embassy staff and foreign ministry personnel with convincing … Read More “North Korea Uses GitHub in Diplomat Cyber Attacks as IT Worker Scheme Hits 320+ Firms  – The Hacker News” »

A 22-year-old man from the U.S. state of Oregon has been charged with allegedly developing and overseeing a distributed denial-of-service (DDoS)-for-hire botnet called RapperBot. Ethan Foltz of Eugene, Oregon, has been identified as the administrator of the service, the U.S. Department of Justice (DoJ) said. The botnet has been used to carry out large-scale DDoS-for-hire … Read More “DOJ Charges 22-Year-Old for Running RapperBot Botnet Behind 370,000 DDoS Attacks  – The Hacker News” »

Authorities claim they’ve gained control of Rapper Bot and stopped attacks emanating from what they described as “among the most powerful DDoS botnets to have ever existed.”  The takeover and effective disruption of the botnet, also known as Eleven Eleven Botnet and CowBot, occurred after officials identified and served a warrant at the Oregon residence … Read More “Officials gain control of Rapper Bot DDoS botnet, charge lead developer and administrator  – CyberScoop” »

Threat actors are exploiting a nearly two-year-old security flaw in Apache ActiveMQ to gain persistent access to cloud Linux systems and deploy malware called DripDropper. But in an unusual twist, the unknown attackers have been observed patching the exploited vulnerability after securing initial access to prevent further exploitation by other adversaries and evade detection, Red … Read More “Apache ActiveMQ Flaw Exploited to Deploy DripDropper Malware on Cloud Linux Systems  – The Hacker News” »

Australian ISP iiNet confirms data breach as hackers stole 280,000 email accounts, phone numbers and user data using…  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

A hack of the Netherlands’ Public Prosecution Service has had an unusual side effect – causing some speed cameras to be no longer capturing evidence of motorists breaking the rules of the road. Read more in my article on the Hot for Security blog.  – Read More  – Graham Cluley 

Citizen Lab’s new report, Hidden Links, uncovers a network of VPN providers like Turbo VPN and VPN Monster…  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

In episode 64 of The AI Fix, AI discovers new physics, a robot crab looks for love on the beaches of Portugal, the “Godfather of AI” thinks our only hope is to build motherly AI, a robot folds some laundry, the UK government has a terrible idea, and our hosts discover a long lost sixties … Read More “The AI Fix #64: AI can be vaccinated against evil, and the “Rumble in the Silicon Jungle”  – Graham Cluley” »

Financial institutions like trading and brokerage firms are the target of a new campaign that delivers a previously unreported remote access trojan called GodRAT. The malicious activity involves the “distribution of malicious .SCR (screen saver) files disguised as financial documents via Skype messenger,” Kaspersky researcher Saurabh Sharma said in a technical analysis published today. The  … Read More “New GodRAT Trojan Targets Trading Firms Using Steganography and Gh0st RAT Code  – The Hacker News” »

Financial institutions like trading and brokerage firms are the target of a new campaign that delivers a previously unreported remote access trojan called GodRAT. The malicious activity involves the “distribution of malicious .SCR (screen saver) files disguised as financial documents via Skype messenger,” Kaspersky researcher Saurabh Sharma said in a technical analysis published today. The  … Read More “New GodRAT Trojan Targets Trading Firms Using Steganography and Gh0st RAT Code  – The Hacker News” »

The United Kingdom has withdrawn its demand that Apple create a backdoor to its encrypted cloud systems following months of diplomatic pressure from the United States, according to a statement from Director of National Intelligence Tulsi Gabbard. Gabbard announced the decision Monday on X, stating that the U.S. government had worked closely with British partners … Read More “UK abandons Apple backdoor demand after US diplomatic pressure  – CyberScoop” »

The UK’s South Yorkshire Police lost 96,000 bodycam videos in a data transfer mishap, impacting 126 cases. Poor…  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

A new exploit combining two critical, now-patched security flaws in SAP NetWeaver has emerged in the wild, putting organizations at risk of system compromise and data theft. The exploit in question chains together CVE-2025-31324 and CVE-2025-42999 to bypass authentication and achieve remote code execution, SAP security company Onapsis said. CVE-2025-31324 (CVSS score: 10.0) – Missing  … Read More “Public Exploit for Chained SAP Flaws Exposes Unpatched Systems to Remote Code Execution  – The Hacker News” »

After two decades of developing increasingly mature security architectures, organizations are running up against a hard truth: tools and technologies alone are not enough to mitigate cyber risk. As tech stacks have grown more sophisticated and capable, attackers have shifted their focus. They are no longer focusing on infrastructure vulnerabilities alone. Instead, they are increasingly  … Read More “Why Your Security Culture is Critical to Mitigating Cyber Risk  – The Hacker News” »

The U.K. government has apparently abandoned its plans to force Apple to weaken encryption protections and include a backdoor that would have enabled access to the protected data of U.S. citizens. U.S. Director of National Intelligence (DNI) Tulsi Gabbard, in a statement posted on X, said the U.S. government had been working with its partners … Read More “U.K. Government Drops Apple Encryption Backdoor Order After U.S. Civil Liberties Pushback  – The Hacker News” »

The maintainers of the Python Package Index (PyPI) repository have announced that the package manager now checks for expired domains to prevent supply chain attacks. “These changes improve PyPI’s overall account security posture, making it harder for attackers to exploit expired domain names to gain unauthorized access to accounts,” Mike Fiedler, PyPI safety and security … Read More “PyPI Blocks 1,800 Expired-Domain Emails to Prevent Account Takeovers and Supply Chain Attacks  – The Hacker News” »

Microsoft warns that a fake ChatGPT desktop app was used to deliver PipeMagic malware, linked to ransomware attacks…  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

The threat actors behind the Noodlophile malware are leveraging spear-phishing emails and updated delivery mechanisms to deploy the information stealer in attacks aimed at enterprises located in the U.S., Europe, Baltic countries, and the Asia-Pacific (APAC) region. “The Noodlophile campaign, active for over a year, now leverages advanced spear-phishing emails posing as copyright infringement  – … Read More “Noodlophile Malware Campaign Expands Global Reach with Copyright Phishing Lures  – The Hacker News” »

Morphisec warns of a new Noodlophile Stealer variant spread via fake copyright phishing emails, using Dropbox links and…  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto