AttackFeed by Joe Wagner

A bill that would close a loophole in federal cybersecurity standards by requiring government contractors to abide by vulnerability disclosure policies moved one step closer to law Monday after sailing through the House. The passage of the Federal Contractor Cybersecurity Vulnerability Reduction Act in the House came a month after Reps. Nancy Mace, R-S.C., and … Read More “House passes bill requiring federal contractors to have vulnerability disclosure policies  – CyberScoop” »

Broadcom has released security updates to address three actively exploited security flaws in VMware ESXi, Workstation, and Fusion products that could lead to code execution and information disclosure. The list of vulnerabilities is as follows – CVE-2025-22224 (CVSS score: 9.3) – A Time-of-Check Time-of-Use (TOCTOU) vulnerability that leads to an out-of-bounds write, which a malicious … Read More “VMware Security Flaws Exploited in the Wild—Broadcom Releases Urgent Patches  – The Hacker News” »

A new malware threat called Zhong Stealer has surfaced from China, and it’s already slipping into businesses through…  – Read More  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News 

It’s been a confusing few days in the world of American cybersecurity… Read more in my article on the Hot for Security blog.  – Read More  – Graham Cluley 

Credential stuffing attacks had a huge impact in 2024, fueled by a vicious circle of infostealer infections and data breaches. But things could be about to get worse still with Computer-Using Agents, a new kind of AI agent that enables low-cost, low-effort automation of common web tasks — including those frequently performed by attackers. Stolen … Read More “How New AI Agents Will Transform Credential Stuffing Attacks  – The Hacker News” »

Internet service providers (ISPs) in China and the West Coast of the United States have become the target of a mass exploitation campaign that deploys information stealers and cryptocurrency miners on compromised hosts. The findings come from the Splunk Threat Research Team, which said the activity also led to the delivery of various binaries that … Read More “Over 4,000 ISP IPs Targeted in Brute-Force Attacks to Deploy Info Stealers and Cryptominers  – The Hacker News” »

Threat hunters are calling attention to a new highly-targeted phishing campaign that singled out “fewer than five” entities in the United Arab Emirates (U.A.E.) to deliver a previously undocumented Golang backdoor dubbed Sosano. The malicious activity was specifically directed against aviation and satellite communications organizations, according to Proofpoint, which detected it in late October  – … Read More “Suspected Iranian Hackers Used Compromised Indian Firm’s Email to Target U.A.E. Aviation Sector  – The Hacker News” »

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added five security flaws impacting software from Cisco, Hitachi Vantara, Microsoft Windows, and Progress WhatsUp Gold to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The list of vulnerabilities is as follows – CVE-2023-20118 (CVSS score: 6.5) – A command injection  … Read More “Cisco, Hitachi, Microsoft, and Progress Flaws Actively Exploited—CISA Sounds Alarm  – The Hacker News” »

Google has released its monthly Android Security Bulletin for March 2025 to address a total of 44 vulnerabilities, including two that it said have come under active exploitation in the wild. The two high-severity vulnerabilities are listed below – CVE-2024-43093 – A privilege escalation flaw in the Framework component that could result in unauthorized access … Read More “Google’s March 2025 Android Security Update Fixes Two Actively Exploited Vulnerabilities  – The Hacker News” »

Cybercriminals pose as IT support, using fake calls and Microsoft Teams messages to trick users into installing ransomware through email floods and remote access.  – Read More  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News 

San Francisco, California, 3rd March 2025, CyberNewsWire  – Read More  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News 

Artificial Intelligence is a tool that is currently changing how businesses approach digital marketing and SEO. Explore how your business can transform with AI-powered SEO services here.  – Read More  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News 

Google addressed 43 vulnerabilities affecting Android devices in its March security update, including a pair of software defects reportedly under active exploitation. Google said the two vulnerabilities — CVE-2024-43093 and CVE-2024-50302 — “may be under limited, targeted exploitation.” The most severe of the flaws under active exploitation, CVE-2024-43093, carries a CVSS score of 7.8 and … Read More “Android security update contains 2 actively exploited vulnerabilities  – CyberScoop” »

Threat actors are targeting Amazon Web Services (AWS) environments to push out phishing campaigns to unsuspecting targets, according to findings from Palo Alto Networks Unit 42. The cybersecurity company is tracking the activity cluster under the name TGR-UNK-0011 (short for a threat group with unknown motivation), which it said overlaps with a group known as … Read More “Hackers Exploit AWS Misconfigurations to Launch Phishing Attacks via SES and WorkMail  – The Hacker News” »

Security questionnaires take a lot of time and repetitively answering the same questions manually chews up business time…  – Read More  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News 

The Department of Homeland Security said that its Cybersecurity and Infrastructure Security Agency will continue to pay attention to Russian cyber threats, contrary to media reports suggesting the opposite. The Guardian reported last week that a recent CISA memo setting out priorities for the agency didn’t list Russia among them, while including Chinese threats and … Read More “DHS says CISA won’t stop looking at Russian cyber threats  – CyberScoop” »

Firefox’s new Terms of Use spark user backlash over data rights. Learn how Mozilla responded to concerns about…  – Read More  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News 

FortiGuard Labs discovers an advanced attack using modified Havoc Demon and SharePoint. Explore the attack’s evasion techniques and security measures.  – Read More  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News 

The U.K.’s Information Commissioner’s Office (ICO) has opened an investigation into online platforms TikTok, Reddit, and Imgur to assess the steps they are taking to protect children between the ages of 13 and 17 in the country. To that end, the watchdog said it’s probing how the ByteDance-owned video-sharing service uses the personal data of … Read More “U.K. ICO Investigates TikTok, Reddit, and Imgur Over Children’s Data Protection Practices  – The Hacker News” »

Threat actors have been exploiting a security vulnerability in Paragon Partition Manager’s BioNTdrv.sys driver in ransomware attacks to escalate privileges and execute arbitrary code. The zero-day flaw (CVE-2025-0289) is part of a set of five vulnerabilities that was discovered by Microsoft, according to the CERT Coordination Center (CERT/CC). “These include arbitrary kernel memory mapping and  … Read More “Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks  – The Hacker News” »

Cybersecurity researchers are calling attention to a new phishing campaign that employs the ClickFix technique to deliver an open-source command-and-control (C2) framework called Havoc. “The threat actor hides each malware stage behind a SharePoint site and uses a modified version of Havoc Demon in conjunction with the Microsoft Graph API to obscure C2 communications within … Read More “Hackers Use ClickFix Trick to Deploy PowerShell-Based Havoc C2 via SharePoint Sites  – The Hacker News” »

The Trump administration has told US cyber command and CISA to stop following or reporting on Russian cyber threats. Yes, Russia! That country everyone used to agree was home to lots of ransomware gangs and hackers. Hmmm… Read more in my article on the Hot for Security blog.  – Read More  – Graham Cluley 

This week, a 23-year-old Serbian activist found themselves at the crossroads of digital danger when a sneaky zero-day exploit turned their Android device into a target. Meanwhile, Microsoft pulled back the curtain on a scheme where cybercriminals used AI tools for harmful pranks, and a massive trove of live secrets was discovered, reminding us that … Read More “⚡ THN Weekly Recap: Alerts on Zero-Day Exploits, AI Breaches, and Crypto Heists  – The Hacker News” »

In 2024, global ransomware attacks hit 5,414, an 11% increase from 2023.  After a slow start, attacks spiked in Q2 and surged in Q4, with 1,827 incidents (33% of the year’s total). Law enforcement actions against major groups like LockBit caused fragmentation, leading to more competition and a rise in smaller gangs. The number of … Read More “The New Ransomware Groups Shaking Up 2025  – The Hacker News” »

Brazil, South Africa, Indonesia, Argentina, and Thailand have become the targets of a campaign that has infected Android TV devices with a botnet malware dubbed Vo1d. The improved variant of Vo1d has been found to encompass 800,000 daily active IP addresses, with the botnet scaling a peak of 1,590,299 on January 19, 2025, spanning 226 … Read More “Vo1d Botnet’s Peak Surpasses 1.59M Infected Android TVs, Spanning 226 Countries  – The Hacker News” »

QR phishing is on the rise, tricking users into scanning malicious QR codes. Learn how cybercriminals exploit QR codes and how to protect yourself.  – Read More  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News 

Firefox browser maker Mozilla on Friday updated its Terms of Use a second time within a week following criticism overbroad language that appeared to give the company the rights to all information uploaded by users. The revised Terms of Use now states – You give Mozilla the rights necessary to operate Firefox. This includes processing … Read More “Mozilla Updates Firefox Terms Again After Backlash Over Broad Data License Language  – The Hacker News” »

SolarWinds’ top cybersecurity executive said chief information security officers are increasingly grappling with how to do their jobs while avoiding individual legal liability for breaches that happen on their watch. Tim Brown, now CISO at SolarWinds, was a vice president and the highest-ranking security official at the company when hackers working on behalf of the … Read More “SolarWinds CISO says security execs are ‘nervous’ about individual liability for data breaches   – CyberScoop” »

Not getting enough views or traffic to your podcasts? Try this stunning AI audio-to-video generator to transform your…  – Read More  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News 

Microsoft exposes Storm-2139, a cybercrime network exploiting Azure AI via LLMjacking. Learn how stolen API keys enabled harmful…  – Read More  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News 

One of the most notorious providers of abuse-friendly “bulletproof” web hosting for cybercriminals has started routing its operations through networks run by the Russian antivirus and security firm Kaspersky Lab, KrebsOnSecurity has learned. Security experts say the Russia-based service provider Prospero OOO (the triple O is the Russian version of “LLC”) has long been a … Read More “Notorious Malware, Spam Host “Prospero” Moves to Kaspersky Lab  – Krebs on Security” »

360XSS campaign exploits Krpano XSS to hijack search results & distribute spam ads on 350+ sites, including government,…  – Read More  – Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News 

A 23-year-old Serbian youth activist had their Android phone targeted by a zero-day exploit developed by Cellebrite to unlock the device, according to a new report from Amnesty International. “The Android phone of one student protester was exploited and unlocked by a sophisticated zero-day exploit chain targeting Android USB drivers, developed by Cellebrite,” the international … Read More “Amnesty Finds Cellebrite’s Zero-Day Used to Unlock Serbian Activist’s Android Phone  – The Hacker News” »

Psychologists may have a plethora of reasons why individuals turn to cyber crime; and their results move beyond disturbing. It comes as no surprise that those involved in the theft of data have now escalated, their schemes to be even darker. These criminals have expanded to include international online groups called ‘the Com” where they … Read More “Cyber hacking moves to violence and harm of children  – Da Vinci Cybersecurity: Leading Cyber Security Services in South Africa.” »