AttackFeed by Joe Wagner

Rising geopolitical tensions are reflected (or in some cases preceded) by cyber operations, while technology itself has become politicized. Let’s admit it: we are in the middle of it.  Introduction: One tech power to rule them all is a thing of the past  The relative safety, peace and prosperity that much of the world has … Read More “We Are At War  – The Hacker News” »

A pro-Ukrainian group called Bearlyfy has been attributed to more than 70 cyber attacks targeting Russian companies since it first surfaced in the threat landscape in January 2025, with recent attacks leveraging a custom Windows ransomware strain codenamed GenieLocker. “Bearlyfy (also known as Labubu) operates as a dual-purpose group aimed at inflicting maximum damage upon … Read More “Bearlyfy Hits 70+ Russian Firms with Custom GenieLocker Ransomware  – The Hacker News” »

Cybersecurity researchers have disclosed three security vulnerabilities impacting LangChain and LangGraph that, if successfully exploited, could expose filesystem data, environment secrets, and conversation history. Both LangChain and LangGraph are open-source frameworks that are used to build applications powered by Large Language Models (LLMs). LangGraph is built on the foundations of  – Read More  – The … Read More “LangChain, LangGraph Flaws Expose Files, Secrets, Databases in Widely Used AI Frameworks  – The Hacker News” »

ReversingLabs researchers identify a new Ghost campaign using fake npm install logs and progress bars to phish for sudo passwords and steal crypto wallets from developers.  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI and More 

A year-long effort to strengthen cybersecurity and modernize tech at U.S. intelligence agencies has led to policy standards for using AI to bolster cyber defenses, a shared repository of all apps that have undergone a cybersecurity review and more, the Office of the Director of National Intelligence announced Thursday. An unclassified summary of cyber and … Read More “ODNI tackles AI, threat hunting, app cybersecurity in year-one tech review  – CyberScoop” »

The Federal Communications Commission is moving to crack down on illegal robocalls and the use of foreign call centers. At a meeting Thursday, the three-member commission unanimously approved a new proposed regulation to increase certification and disclosure requirements for obtaining phone numbers, while also expanding those same requirements to all providers seeking phone numbers from … Read More “FCC pushes new rules to crack down on robocallers, foreign call centers  – CyberScoop” »

Enterprise AI security solutions in 2026, compare Check Point, Palo Alto, CrowdStrike, Fortinet, and Zscaler across cloud, endpoint, and network.  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI and More 

A long-term and ongoing campaign attributed to a China-nexus threat actor has embedded itself in telecom networks to conduct espionage against government networks. The strategic positioning activity, which involves implanting and maintaining stealthy access mechanisms within critical environments, has been attributed to Red Menshen, a threat cluster that’s also tracked as Earth Bluecrow,  – Read … Read More “China-Linked Red Menshen Uses Stealthy BPFDoor Implants to Spy via Telecom Networks  – The Hacker News” »

7AI research reveals a massive QR code phishing attack that evaded SPF, DKIM, and DMARC. Find out how 1.6 million emails went undetected.  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI and More 

SAN FRANCISCO — Four former National Security Agency directors shared varying concerns about a lack of earnest and widespread response to growing threats in cyberspace during a discussion at the RSAC 2026 Conference on Tuesday. Accelerating threats posed by artificial intelligence, China and cybercriminals at large are testing the country’s resolve and determination to foster … Read More “Former NSA chiefs worry American offensive edge in cybersecurity is slipping  – CyberScoop” »

Banks, governments and tech providers urged to upgrade security because current systems will soon be obsolete Banks, governments and technology providers need to be prepared for quantum computer hackers capable of breaking most existing encryption systems by 2029, Google has warned. The tech company said in a blogpost that quantum computers would pose a “significant … Read More “Google warns quantum computers could hack encrypted systems by 2029  – Data and computer security | The Guardian” »

This practitioner-focused review covers Acalvio ShadowPlex, a deception-first platform designed to stop attacker progress across IT, cloud, OT,…  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI and More 

CyberProof researchers have detected a 10% surge in PXA Stealer attacks targeting financial institutions in Q1 2026. Learn…  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI and More 

Some weeks in security feel loud. This one feels sneaky. Less big dramatic fireworks, more of that slow creeping sense that too many people are getting way too comfortable abusing things they probably shouldn’t even be touching. There’s a little bit of everything in this one, too. Weird delivery tricks, old problems coming back in … Read More “ThreatsDay Bulletin: PQC Push, AI Vuln Hunting, Pirated Traps, Phishing Kits & 20 More Stories  – The Hacker News” »

Sonatype uncovers a sophisticated malware campaign using hijacked npm developer accounts to steal API keys and passwords. Is your dev environment at risk?  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI and More 

Unmasking impostors is something the art world has faced for decades, and there are valuable lessons from the works of Elmyr de Hory that can apply to the world of defensive cybersecurity. During the 1960s, de Hory gained infamy as a premier forger, passing off counterfeit masterworks of Picasso, Matisse, and Renoir to unsuspecting collectors … Read More “Masters of Imitation: How Hackers and Art Forgers Perfect the Art of Deception  – The Hacker News” »

Cybersecurity researchers have disclosed a vulnerability in Anthropic’s Claude Google Chrome Extension that could have been exploited to trigger malicious prompts simply by visiting a web page. The flaw “allowed any website to silently inject prompts into that assistant as if the user wrote them,” Koi Security researcher Oren Yomtov said in a report shared … Read More “Claude Extension Flaw Enabled Zero-Click XSS Prompt Injection via Any Website  – The Hacker News” »

Most teams have security tools in place. Alerts are firing, dashboards look clean, threat intel is flowing in. On the surface, everything feels under control. But one question usually stays unanswered: Would your defenses actually stop a real attack? That’s where things get shaky. A control exists, so it’s assumed to work. A detection rule … Read More “[Webinar] Stop Guessing. Learn to Validate Your Defenses Against Real Attacks  – The Hacker News” »

The kernel exploit for two security vulnerabilities used in the recently uncovered Apple iOS exploit kit known as Coruna is an updated version of the same exploit that was used in the Operation Triangulation campaign back in 2023, according to new findings from Kaspersky. “When Coruna was first reported, the public evidence wasn’t sufficient to … Read More “Coruna iOS Kit Reuses 2023 Triangulation Exploit Code in New Mass Attacks  – The Hacker News” »

A disgruntled data analyst decides that the best response to losing his contract is to steal the entire company payroll database and demand $2.5 million in Bitcoin – signing his extortion emails from a company called “Loot.” Meanwhile, two people drive up to the entrance of the UK’s nuclear submarine base at Faslane and politely … Read More “Smashing Security podcast #460: Never knock on the door of a nuclear submarine base and ask for a selfie  – GRAHAM CLULEY” »

Cybersecurity researchers have discovered a new payment skimmer that uses WebRTC data channels as a means to receive payloads and exfiltrate data, effectively bypassing security controls. “Instead of the usual HTTP requests or image beacons, this malware uses WebRTC data channels to load its payload and exfiltrate stolen payment data,” Sansec said in a report … Read More “WebRTC Skimmer Bypasses CSP to Steal Payment Data from E-Commerce Sites  – The Hacker News” »

Google is accelerating its timeline for migrating its products to quantum resistant encryption to 2029, the latest sign that tech leaders are worried that they haven’t been aggressive enough in planning for a post-quantum future. In a blog posted Wednesday, vice president of security engineering Heather Adkins and senior staff cryptology engineer Sophie Schmieg said … Read More “Google moves post-quantum encryption timeline up to 2029  – CyberScoop” »

An operation to crack down on the widely used RedLine infostealer has netted the extradition of an Armenian man to the United States, where he made an initial appearance in a Texas court Wednesday. Authorities charged Hambardzum Minasyan with conspiracy to commit access device fraud, conspiracy to violate the Computer Fraud and Abuse Act and … Read More “Alleged RedLine infostealer conspirator extradited to US  – CyberScoop” »

Mirai malware evolves into hundreds of variants, driving botnet growth, including Aisuru and KimWolf, powering large-scale attacks, and increasing risks to vulnerable IoT devices worldwide.  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI and More 

The FCC has officially added foreign-made consumer routers to its restricted Covered List, citing major cybersecurity risks. Find out what it means for your current devices.  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI and More 

The alleged administrator of the LeakBase cybercrime forum has been arrested by Russian law enforcement authorities, state media reported Thursday. According to TASS and MVD Media, a news website linked to the Russian Interior Ministry, the suspect is a resident of the city of Taganrog. The suspect is said to have been detained for creating … Read More “LeakBase Admin Arrested in Russia Over Massive Stolen Credential Marketplace  – The Hacker News” »

AI translation fixes multilingual content chaos by improving consistency, workflows, and speed, helping teams reduce errors and scale global content faster.  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI and More 

Top Klaviyo alternatives offer advanced analytics, automation, and insights to help e-commerce brands improve campaigns, boost revenue, and track performance.  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI and More 

Cybersecurity researchers have flagged a new evolution of the GlassWorm campaign that delivers a multi-stage framework capable of comprehensive data theft and installing a remote access trojan (RAT), which deploys an information-stealing Google Chrome extension masquerading as an offline version of Google Docs. “It logs keystrokes, dumps cookies and session tokens, captures screenshots, and  – … Read More “GlassWorm Malware Uses Solana Dead Drops to Deliver RAT and Steal Browser, Crypto Data  – The Hacker News” »

San Francisco, USA, 25th March 2026, CyberNewswire  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI and More 

OX Security reveals a new phishing campaign targeting GitHub developers. Scammers use fake OpenClaw token giveaways to trick users into connecting and draining their crypto wallets  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI and More 

Cybersecurity researchers are calling attention to an active device code phishing campaign that’s targeting Microsoft 365 identities across more than 340 organizations in the U.S., Canada, Australia, New Zealand, and Germany. The activity, per Huntress, was first spotted on February 19, 2026, with subsequent cases appearing at an accelerated pace since then. Notably, the campaign … Read More “Device Code Phishing Hits 340+ Microsoft 365 Orgs Across Five Countries via OAuth Abuse  – The Hacker News” »

The U.S. Department of Justice (DoJ) said a Russian national has been sentenced to two years in prison for managing a botnet that was used to launch ransomware attacks against U.S. companies. Ilya Angelov, 40, of Tolyatti, Russia, was also fined $100,000. Angelov, who went by the online aliases “milan” and “okart,” is said to … Read More “Russian Hacker Sentenced to 2 Years for TA551 Botnet-Driven Ransomware Attacks  – The Hacker News” »

In September 2025, Anthropic disclosed that a state-sponsored threat actor used an AI coding agent to execute an autonomous cyber espionage campaign against 30 global targets. The AI handled 80-90% of tactical operations on its own, performing reconnaissance, writing exploit code, and attempting lateral movement at machine speed. This incident is worrying, but there’s a … Read More “The Kill Chain Is Obsolete When Your AI Agent Is the Threat  – The Hacker News” »

TeamPCP, the threat actor behind the recent compromises of Trivy and KICS, has now compromised a popular Python package named litellm, pushing two malicious versions containing a credential harvester, a Kubernetes lateral movement toolkit, and a persistent backdoor. Multiple security vendors, including Endor Labs and JFrog, revealed that litellm versions 1.82.7 and 1.82.8 were published … Read More “TeamPCP Backdoors LiteLLM Versions 1.82.7–1.82.8 via Trivy CI/CD Compromise  – The Hacker News” »

Hackers compromised Trivy, Checkmarx, and LiteLLM in a supply chain attack, stealing cloud credentials, tokens, and crypto wallet data from developers.  – Read More  – Hackread – Cybersecurity News, Data Breaches, AI and More