AttackFeed Cybersecurity News

PowerSchool customers hit by downstream extortion threats  – CyberScoop

Five months after education software vendor PowerSchool paid an unnamed threat actor a ransom in exchange for the deletion of sensitive stolen data, some of the company’s customers are now receiving extortion demands. A threat actor, who may or may not be the same criminal group behind the attack, has contacted four school district customers of PowerSchool in the past few...

CrowdStrike cuts 5% of workforce after revenue jumped 29% last year  – CyberScoop

CrowdStrike is cutting 5% of its workforce, about 500 positions, telling its staff that it’s shifting resources and realigning its operating model for growth in new market segments, according to a Wednesday filing with the Securities and Exchange Commission. The company is slashing headcount following a year of significant growth in a strong market. CrowdStrike’s revenue jumped 29% year-over-year to $3.95...

Reevaluating SSEs: A Technical Gap Analysis of Last-Mile Protection  – The Hacker News

Security Service Edge (SSE) platforms have become the go-to architecture for securing hybrid work and SaaS access. They promise centralized enforcement, simplified connectivity, and consistent policy control across users and devices. But there’s a problem: they stop short of where the most sensitive user activity actually happens—the browser. This isn’t a small omission. It’s a structural...

CVE-2024-44236: Remote Code Execution vulnerability in Apple macOS  – Zero Day Initiative – Blog

In this excerpt of a Trend Vulnerability Research Service vulnerability report, Nikolai Skliarenko and Yazhi Wang of the Trend™ Research Team detail a recently patched code execution vulnerability in the Apple macOS operating system. This bug was originally discovered by Hossein Lotfi of the Trend™ Zero Day Initiative. Successful exploitation could result in arbitrary code execution on the target machine...

CISA Adds Two Known Exploited Vulnerabilities to Catalog  – All CISA Advisories

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation: CVE-2024-6047 GeoVision Devices OS Command Injection Vulnerability; CVE-2024-11120 GeoVision Devices OS Command Injection Vulnerability. These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk...

Six DDoS sites seized in multi-national law enforcement operation  – CyberScoop

Authorities in Poland have arrested four people accused of administrating and selling access to distributed denial of service (DDoS) services, according to a press release from Europol. The suspects are believed to have operated six so-called “stresser” or “booter” services that enabled customers across the world to launch thousands of attacks on targets ranging from government offices to businesses and...

OttoKit WordPress Plugin with 100K+ Installs Hit by Exploits Targeting Multiple Flaws  – The Hacker News

A second security flaw impacting the OttoKit (formerly SureTriggers) WordPress plugin has come under active exploitation in the wild. The vulnerability, tracked as CVE-2025-27007 (CVSS score: 9.8), is a privilege escalation bug impacting all versions of the plugin prior to and including version 1.0.82. “This is due to the create_wp_connection() function missing a capability check and...

Europol Shuts Down Six DDoS-for-Hire Services Used in Global Attacks  – The Hacker News

Europol has announced the takedown of distributed denial of service (DDoS)-for-hire services that were used to launch thousands of cyber-attacks across the world. In connection with the operation, Polish authorities have arrested four individuals and the United States has seized nine domains that are associated with the now-defunct platforms. “The suspects are believed to be behind six separate...

SysAid Patches 4 Critical Flaws Enabling Pre-Auth RCE in On-Premise Version  – The Hacker News

Cybersecurity researchers have disclosed multiple security flaws in the on-premise version of SysAid IT support software that could be exploited to achieve pre-authenticated remote code execution with elevated privileges. The vulnerabilities, tracked as CVE-2025-2775, CVE-2025-2776, and CVE-2025-2777, have all been described as XML External Entity (XXE) injections, which occur when an attacker is...

Play Ransomware Exploited Windows CVE-2025-29824 as Zero-Day to Breach U.S. Organization  – The Hacker News

Threat actors with links to the Play ransomware family exploited a recently patched security flaw in Microsoft Windows as a zero-day as part of an attack targeting an unnamed organization in the United States. The attack, per the Symantec Threat Hunter Team, part of Broadcom, leveraged CVE-2025-29824, a privilege escalation flaw in the Common Log File System (CLFS) driver. It...

Researchers Uncover Malware in Fake Discord PyPI Package Downloaded 11,500+ Times  – The Hacker News

Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) repository that masquerades as a seemingly harmless Discord-related utility but incorporates a remote access trojan. The package in question is discordpydebug, which was uploaded to PyPI on March 21, 2022. It has been downloaded 11,574 times and continues to be available on the open-source registry.

Unsophisticated Cyber Actor(s) Targeting Operational Technology  – All CISA Advisories

CISA is increasingly aware of unsophisticated cyber actor(s) targeting ICS/SCADA systems within U.S. critical Infrastructure sectors (Oil and Natural Gas), specifically in Energy and Transportation Systems. Although these activities often include basic and elementary intrusion techniques, the presence of poor cyber hygiene and exposed assets can escalate these threats, leading to significant consequences such as defacement, configuration changes, operational disruptions...

NSO Group Fined $168M for Targeting 1,400 WhatsApp Users With Pegasus Spyware  – The Hacker News

A federal jury on Tuesday decided that NSO Group must pay Meta-owned WhatsApp approximately $168 million in monetary damages, more than four months after a federal judge ruled that the Israeli company violated U.S. laws by exploiting WhatsApp servers to deploy Pegasus spyware, targeting over 1,400 individuals globally. WhatsApp originally filed the lawsuit against NSO Group in 2019,...

NSO Group owes $168M in damages to WhatsApp over spyware infections, jury says  – CyberScoop

A federal jury decided Tuesday that NSO Group must pay WhatsApp approximately $168 million in damages after a judge ruled that it violated anti-hacking laws when 1,400 of the messaging application’s users became infected with Pegasus spyware. It’s the latest in a series of wins in court for WhatsApp in its pioneering lawsuit that has produced revelations about the spyware...

Trump calls on Colorado to release election-denying clerk from jail  – CyberScoop

President Donald Trump is calling on Colorado state officials to release Tina Peters, the former Mesa County clerk serving a nine-year prison sentence for stealing and sharing sensitive voting system data in a failed attempt to bolster Trump’s claims of mass voter fraud in the 2020 presidential election. In a Truth Social post Monday, Trump characterized Peters as a “69-year-old...

House appropriators have reservations — or worse — about proposed CISA cuts  – CyberScoop

House appropriators on Tuesday challenged proposed budget cuts for the Cybersecurity and Infrastructure Security Agency, with Democrats saying the Trump administration was disturbingly moving money away from the agency and a key Republican saying he needed to see justifications for the reductions. The Trump administration has proposed cutting CISA funding by $491 million, and some members of a House Appropriations...

CISA Adds One Known Exploited Vulnerability to Catalog  – All CISA Advisories

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation: CVE-2025-27363 FreeType Out-of-Bounds Write Vulnerability. These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities...

CISA Releases Three Industrial Control Systems Advisories  – All CISA Advisories

CISA released three Industrial Control Systems (ICS) advisories on May 6, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS: ICSA-25-126-01 Optigo Networks ONS NC600; ICSA-25-126-02 Milesight UG65-868M-EA; ICSA-25-126-03 BrightSign Players. CISA encourages users and administrators to review newly released ICS advisories for technical details and mitigations.

BrightSign Players  – All CISA Advisories

1. EXECUTIVE SUMMARY
CVSS v4 8.5
ATTENTION: Exploitable remotely/low attack complexity
Vendor: BrightSign
Equipment: Brightsign Players
Vulnerabilities: Execution with Unnecessary Privileges
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow for privilege escalation on the device, easily guessed passwords, or for arbitrary code to be executed on the underlying operating system.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS...

The AI Fix #49: The typo from hell  – Graham Cluley

In episode 49 of The AI Fix, OpenAI kills off a sycophantic bot, our hosts are introduced to a prophetic Bosnian rock band, Meta puts an electric fence around its llamas, Mark reveals he’s never tried covering a robot with olive oil, and Graham leaves a stern message for his great-great-grandchildren. Mark sits a “smarty-pants” test, an AI becomes a...

Milesight UG65-868M-EA  – All CISA Advisories

1. EXECUTIVE SUMMARY
CVSS v4 6.1
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Milesight
Equipment: UG65-868M-EA
Vulnerability: Improper Access Control for Volatile Memory Containing Boot Code
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow any user with admin privileges to inject arbitrary shell commands.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following versions of UG65-868M-EA, an industrial...

Optigo Networks ONS NC600  – All CISA Advisories

1. EXECUTIVE SUMMARY
CVSS v4 9.3
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Optigo Networks
Equipment: ONS NC600
Vulnerability: Use of Hard-coded Credentials
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker to establish an authenticated connection with the hard-coded credentials and perform OS command executions.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following versions of...

Hackers Exploit Samsung MagicINFO, GeoVision IoT Flaws to Deploy Mirai Botnet  – The Hacker News

Threat actors have been observed actively exploiting security flaws in GeoVision end-of-life (EoL) Internet of Things (IoT) devices to corral them into a Mirai botnet for conducting distributed denial-of-service (DDoS) attacks. The activity, first observed by the Akamai Security Intelligence and Response Team (SIRT) in early April 2025, involves the exploitation of two operating system command...

New Investment Scams Use Facebook Ads, RDGA Domains, and IP Checks to Filter Victims  – The Hacker News

Cybersecurity researchers have lifted the lid on two threat actors that orchestrate investment scams through spoofed celebrity endorsements and conceal their activity through traffic distribution systems (TDSes). The activity clusters have been codenamed Reckless Rabbit and Ruthless Rabbit by DNS threat intelligence firm Infoblox. The attacks have been observed to lure victims with bogus...

After Signal controversy, do private conversations online exist anymore?  – CyberScoop

Every day, we place our trust in technology. Whether in the boardroom or the living room, technology has become the linchpin of security that protects our most sensitive and private information. And more so than any time in our history, that goes for our conversations, too. Intimate discussions with our spouse or romantic partner. Collaboration with colleagues on a proprietary...

Third Parties and Machine Credentials: The Silent Drivers Behind 2025’s Worst Breaches  – The Hacker News

It wasn’t ransomware headlines or zero-day exploits that stood out most in this year’s Verizon 2025 Data Breach Investigations Report (DBIR) — it was what fueled them. Quietly, yet consistently, two underlying factors played a role in some of the worst breaches: third-party exposure and machine credential abuse. According to the 2025 DBIR, third-party involvement in breaches doubled...

Microsoft Warns Default Helm Charts Could Leave Kubernetes Apps Exposed to Data Leaks  – The Hacker News

Microsoft has warned that using pre-made templates, such as out-of-the-box Helm charts, during Kubernetes deployments could open the door to misconfigurations and leak valuable data. “While these ‘plug-and-play’ options greatly simplify the setup process, they often prioritize ease of use over security,” Michael Katchinskiy and Yossi Weizman from the Microsoft Defender for Cloud Research team...

AttackFeed by Joe Wagner