AttackFeed by Joe Wagner

The Iranian hacking group known as MuddyWater has been observed leveraging a new backdoor dubbed UDPGangster that uses the User Datagram Protocol (UDP) for command-and-control (C2) purposes. The cyber espionage activity targeted users in Turkey, Israel, and Azerbaijan, according to a report from Fortinet FortiGuard Labs. “This malware enables remote control of compromised systems by … Read More “MuddyWater Deploys UDPGangster Backdoor in Targeted Turkey-Israel-Azerbaijan Campaign  – The Hacker News” »

Over 30 security vulnerabilities have been disclosed in various artificial intelligence (AI)-powered Integrated Development Environments (IDEs) that combine prompt injection primitives with legitimate features to achieve data exfiltration and remote code execution. The security shortcomings have been collectively named IDEsaster by security researcher Ari Marzouk (MaccariTA). They affect popular  – Read More  – The Hacker … Read More “Researchers Uncover 30+ Flaws in AI Coding Tools Enabling Data Theft and RCE Attacks  – The Hacker News” »

Over 30 security vulnerabilities have been disclosed in various artificial intelligence (AI)-powered Integrated Development Environments (IDEs) that combine prompt injection primitives with legitimate features to achieve data exfiltration and remote code execution. The security shortcomings have been collectively named IDEsaster by security researcher Ari Marzouk (MaccariTA). They affect popular  – Read More  – The Hacker … Read More “Researchers Uncover 30+ Flaws in AI Coding Tools Enabling Data Theft and RCE Attacks  – The Hacker News” »

Barts Health NHS confirms Cl0p ransomware breach via Oracle flaw. Invoice data exposed. Patient records and clinical systems remain unaffected.  – Read More  – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More 

A sprawling academic cheating network turbocharged by Google Ads that has generated nearly $25 million in revenue has curious ties to a Kremlin-connected oligarch whose Russian university builds drones for Russia’s war against Ukraine. The Nerdify homepage. The link between essay mills and Russian attack drones might seem improbable, but understanding it begins with a … Read More “Drones to Diplomas: How Russia’s Largest Private University is Linked to a $25M Essay Mill  – Krebs on Security” »

CISA, NSA, and Canadian Cyber Centre warn that PRC state-sponsored hackers are using BRICKSTORM, a stealthy Go-based backdoor, for long-term espionage in Government and IT networks.  – Read More  – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More 

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday formally added a critical security flaw impacting React Server Components (RSC) to its Known Exploited Vulnerabilities (KEV) catalog following reports of active exploitation in the wild. The vulnerability, CVE-2025-55182 (CVSS score: 10.0), relates to a case of remote code execution that could be triggered by … Read More “Critical React2Shell Flaw Added to CISA KEV After Confirmed Active Exploitation  – The Hacker News” »

Attackers of different origins and motivations swiftly exploited a critical vulnerability dubbed React2Shell, affecting React Server Components shortly after Meta and the React team publicly disclosed the flaw with a patch Wednesday.  Multiple security firms are actively responding to active exploitation in the wild as a scrum of reports conclude the malicious activity is limited … Read More “Attackers hit React defect as researchers quibble over proof  – CyberScoop” »

Agentic AI tools are being pushed into software development pipelines, IT networks and other business workflows. But using these tools can quickly turn into a supply chain nightmare for organizations, introducing untrusted or malicious content into their workstream that are then regularly treated as instructions by the underlying large language models powering the tools. Researchers … Read More “More evidence your AI agents can be turned against you  – CyberScoop” »

A new agentic browser attack targeting Perplexity’s Comet browser that’s capable of turning a seemingly innocuous email into a destructive action that wipes a user’s entire Google Drive contents, findings from Straiker STAR Labs show. The zero-click Google Drive Wiper technique hinges on connecting the browser to services like Gmail and Google Drive to automate … Read More “Zero-Click Agentic Browser Attack Can Delete Entire Google Drive Using Crafted Emails  – The Hacker News” »

A bipartisan group of senators are looking to tackle health care cybersecurity by reviving legislation that would update regulations and guidelines, authorize grants, offer training and clarify federal agency roles. It’s a subset of cybersecurity where Congress hasn’t enacted any sweeping changes to date. The resurrected Health Care Cybersecurity and Resiliency Act from Health, Education … Read More “Bipartisan health care cybersecurity legislation returns to address a cornucopia of issues  – CyberScoop” »

A critical security flaw has been disclosed in Apache Tika that could result in an XML external entity (XXE) injection attack. The vulnerability, tracked as CVE-2025-66516, is rated 10.0 on the CVSS scoring scale, indicating maximum severity. “Critical XXE in Apache Tika tika-core (1.13-3.2.1), tika-pdf-module (2.0.0-3.2.1) and tika-parsers (1.13-1.28.5) modules on all platforms allows an  … Read More “Critical XXE Bug CVE-2025-66516 (CVSS 10.0) Hits Apache Tika, Requires Urgent Patch  – The Hacker News” »

AI is transforming the video-making process of creators. Learn how WondershareFilmora V15 helps individual creators edit smarter using powerful AI.  – Read More  – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More 

Torrance, California, USA, 5th December 2025, CyberNewsWire  – Read More  – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More 

The dangerous ClayRat Android spyware has evolved, gaining the ability to steal PINs, record screens, and disable security by abusing Accessibility Services. Users must beware of fake apps spreading through phishing sites and Dropbox.  – Read More  – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More 

Madison, United States, 5th December 2025, CyberNewsWire  – Read More  – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More 

Two hacking groups with ties to China have been observed weaponizing the newly disclosed security flaw in React Server Components (RSC) within hours of it becoming public knowledge. The vulnerability in question is CVE-2025-55182 (CVSS score: 10.0), aka React2Shell, which allows unauthenticated remote code execution. It has been addressed in React versions 19.0.1, 19.1.2, and … Read More “Chinese Hackers Have Started Exploiting the Newly Disclosed React2Shell Vulnerability  – The Hacker News” »

Aikido Security exposes a new AI prompt injection flaw in GitHub/GitLab pipelines, letting attackers steal secrets. Major companies affected.  – Read More  – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More 

Most MSPs and MSSPs know how to deliver effective security. The challenge is helping prospects understand why it matters in business terms. Too often, sales conversations stall because prospects are overwhelmed, skeptical, or tired of fear-based messaging. That’s why we created ”Getting to Yes”: An Anti-Sales Guide for MSPs. This guide helps service providers transform … Read More ““Getting to Yes”: An Anti-Sales Guide for MSPs  – The Hacker News” »

A human rights lawyer from Pakistan’s Balochistan province received a suspicious link on WhatsApp from an unknown number, marking the first time a civil society member in the country was targeted by Intellexa’s Predator spyware, Amnesty International said in a report. The link, the non-profit organization said, is a “Predator attack attempt based on the … Read More “Intellexa Leaks Reveal Zero-Days and Ads-Based Vector for Predator Spyware Delivery  – The Hacker News” »

Most MSPs and MSSPs know how to deliver effective security. The challenge is helping prospects understand why it matters in business terms. Too often, sales conversations stall because prospects are overwhelmed, skeptical, or tired of fear-based messaging. That’s why we created ”Getting to Yes”: An Anti-Sales Guide for MSPs. This guide helps service providers transform … Read More ““Getting to Yes”: An Anti-Sales Guide for MSPs  – The Hacker News” »

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday released details of a backdoor named BRICKSTORM that has been put to use by state-sponsored threat actors from the People’s Republic of China (PRC) to maintain long-term persistence on compromised systems. “BRICKSTORM is a sophisticated backdoor for VMware vSphere and Windows environments,” the agency said. … Read More “CISA Reports PRC Hackers Using BRICKSTORM for Long-Term Access in U.S. Systems  – The Hacker News” »

A command injection vulnerability in Array Networks AG Series secure access gateways has been exploited in the wild since August 2025, according to an alert issued by JPCERT/CC this week. The vulnerability, which does not have a CVE identifier, was addressed by the company on May 11, 2025. It’s rooted in Array’s DesktopDirect, a remote … Read More “JPCERT Confirms Active Command Injection Attacks on Array AG Gateways  – The Hacker News” »

Qilin ransomware claims it stole internal data from the Church of Scientology, sharing 22 screenshots as proof. The breach remains unconfirmed by the organization.  – Read More  – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More 

Cybersecurity authorities and threat analysts unveiled alarming details Thursday about a suspected China state-sponsored espionage and data theft campaign that Google previously warned about in September. The outlook based on their limited visibility into China’s sustained ability to burrow into critical infrastructure and government agency networks undetected, dating back to at least 2022, is grim. … Read More “Officials warn about expansive, ongoing China espionage threat riding on Brickstorm malware  – CyberScoop” »

Leaked training videos suggest that Intellexa retained the ability to remotely access the systems of customers who had used its Predator spyware, raising questions about human rights safeguards, according to an investigation published Thursday. That was just one finding from a series of separate but overlapping probes released over the past 24 hours. The training … Read More “Intellexa remotely accessed Predator spyware customer systems, investigation finds  – CyberScoop” »

China-based phishing groups blamed for non-stop scam SMS messages about a supposed wayward package or unpaid toll fee are promoting a new offering, just in time for the holiday shopping season: Phishing kits for mass-creating fake but convincing e-commerce websites that convert customer payment card data into mobile wallets from Apple and Google. Experts say … Read More “SMS Phishers Pivot to Points, Taxes, Fake Retailers  – Krebs on Security” »

Sen. Mark Kelly, D-Ariz., called for robust safeguards in U.S.-developed AI systems to prevent abuse and misuse, arguing that both the technology and its development  standards should reflect “American” values. In a speech Thursday at the Center for American Progress, a left-leaning think tank, Kelly called for massive investment in data centers, water and electricity … Read More “Sen. Mark Kelly: Investing in safe, secure AI is key to U.S. dominance  – CyberScoop” »

LummaC2 infostealer infects North Korean hacker’s device, exposing ties to $1.4B Bybit heist and revealing tools, infrastructure and OPSEC failures.  – Read More  – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More 

Sean Plankey’s nomination to lead the Cybersecurity and Infrastructure Security Agency looks to be over following his exclusion from a Senate vote Thursday to move forward on a panel of Trump administration picks. Multiple senators placed holds or threatened holds on his nomination, none related to cybersecurity. But the hold from Sen. Rick Scott, R-Fla., appeared … Read More “Sean Plankey nomination to lead CISA appears to be over after Thursday vote  – CyberScoop” »

Cloudflare’s Q3 2025 DDoS Threat Report reveals the Aisuru botnet launched a record 29.7 Tbps attack. Learn which sectors were the most targeted, and the key drivers behind the surge in attacks.  – Read More  – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More 

The threat actor known as Silver Fox has been spotted orchestrating a false flag operation to mimic a Russian threat group in attacks targeting organizations in China. The search engine optimization (SEO) poisoning campaign leverages Microsoft Teams lures to trick unsuspecting users into downloading a malicious setup file that leads to the deployment of ValleyRAT … Read More “Silver Fox Uses Fake Microsoft Teams Installer to Spread ValleyRAT Malware in China  – The Hacker News” »

Austin, TX, USA, 4th December 2025, CyberNewsWire  – Read More  – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More 

The Trump administration is aiming to release its six-part national cybersecurity strategy in January, according to multiple sources familiar with the document. The document, which is a mere five pages long, will possibly be followed by an executive order to implement the new strategy. The administration has been soliciting feedback in recent days, which one … Read More “Five-page draft Trump administration cyber strategy targeted for January release  – CyberScoop” »

Cybersecurity startup AISLE discovered a Medium severity flaw in the WebXR component of Chrome, Edge, and other Chromium browsers. Over 4 billion devices were at risk. Update now.  – Read More  – Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More 

Think your Wi-Fi is safe? Your coding tools? Or even your favorite financial apps? This week proves again how hackers, companies, and governments are all locked in a nonstop race to outsmart each other. Here’s a quick rundown of the latest cyber stories that show how fast the game keeps changing. DeFi exploit drains funds … Read More “ThreatsDay Bulletin: Wi-Fi Hack, npm Worm, DeFi Theft, Phishing Blasts— and 15 More Stories  – The Hacker News” »