Cybersecurity researchers have shed light on a new campaign targeting WordPress sites that disguises the malware as a security plugin. The plugin, which goes by the name “WP-antymalwary-bot.php,” comes with a variety of features to maintain access, hide itself from the admin dashboard, and execute remote code. “Pinging functionality that can report back to a command-and-control (C&C) server  – Read...

As new technologies are developed and honed, threat actors quickly learn that they can be used to infiltrate and steal valuable personal and business information and data. While the benefits of AI (artificial intelligence) does cover many industries, there are just as many that are using AI for nefarious purposes. This can be a double-edged […] The post Phishing, Deep...

A misconfigured, non-password-protected database belonging to TicketToCash exposed data from 520,000 customers, including PII and partial financial details.…  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

Artificial intelligence (AI) company Anthropic has revealed that unknown threat actors leveraged its Claude chatbot for an “influence-as-a-service” operation to engage with authentic accounts across Facebook and X. The sophisticated activity, branded as financially-motivated, is said to have used its AI tool to orchestrate 100 distinct persons on the two social media platforms, creating a  – Read More  – The...

Security Operations Center (SOC) teams are facing a fundamentally new challenge — traditional cybersecurity tools are failing to detect advanced adversaries who have become experts at evading endpoint-based defenses and signature-based detection systems. The reality of these “invisible intruders” is driving a significant need for a multi-layered approach to detecting threats,  – Read More  – The Hacker News 

Russian companies have been targeted as part of a large-scale phishing campaign that’s designed to deliver a known malware called DarkWatchman. Targets of the attacks include entities in the media, tourism, finance and insurance, manufacturing, retail, energy, telecom, transport, and biotechnology sectors, Russian cybersecurity company F6 said. The activity is assessed to be the work of a  – Read More ...

For over a decade, application security teams have faced a brutal irony: the more advanced the detection tools became, the less useful their results proved to be. As alerts from static analysis tools, scanners, and CVE databases surged, the promise of better security grew more distant. In its place, a new reality took hold—one defined by alert fatigue and overwhelmed...

Enterprise data backup platform Commvault has revealed that an unknown nation-state threat actor breached its Microsoft Azure environment by exploiting CVE-2025-3928 but emphasized there is no evidence of unauthorized data access. “This activity has affected a small number of customers we have in common with Microsoft, and we are working with those customers to provide assistance,” the company  – Read...

SonicWall has revealed that two now-patched security flaws impacting its SMA100 Secure Mobile Access (SMA) appliances have been exploited in the wild. The vulnerabilities in question are listed below – CVE-2023-44221 (CVSS score: 7.2) – Improper neutralization of special elements in the SMA100 SSL-VPN management interface allows a remote authenticated attacker with administrative privilege to  – Read More  – The...

He’s not a pop star, but Jeffrey Bowie is alleged to have toured staff areas of a hospital in Oklahoma, hunting for computers he could install spyware on. We dive into the bizarre case of the man accused of hacking medical networks and then sharing how he did it on LinkedIn. Plus! Move over Nigerian princes — the WASPI scams...

A 23-year-old Scottish man thought to be a member of the prolific Scattered Spider cybercrime group was extradited last week from Spain to the United States, where he is facing charges of wire fraud, conspiracy and identity theft. U.S. prosecutors allege Tyler Robert Buchanan and co-conspirators hacked into dozens of companies in the United States and abroad, and that he...

SAN FRANCISCO — North Korean nationals have infiltrated the employee ranks at top global companies more so than previously thought, maintaining a pervasive and potentially widening threat against IT infrastructure and sensitive data. “There are hundreds of Fortune 500 organizations that have hired these North Korean IT workers,” Mandiant Consulting CTO Charles Carmakal said Tuesday during a media briefing at...

US and Greek arrests expose 764 network’s global child abuse ring. Leaders face life for orchestrating violent exploitation…  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

SAN FRANCISCO – In her appearance at the RSAC 2025 Conference, Homeland Security Secretary Kristi Noem spoke about getting CISA back to its “core mission” of protecting federal networks and critical infrastructure from cybersecurity threats.  Other cyber policy experts wonder how that is going to unfold with such concentration on cutting CISA’s workforce.  Congressional staffers and cybersecurity policy experts expressed...

Tariff hikes will drive up prices and make it harder for telecommunications providers to replace networks more vulnerable to Chinese hacker intrusion, an industry official told lawmakers Wednesday. “Tariffs will only raise prices,” David Stehlin, CEO of the Telecommunications Industry Association, told Rep. Darren Soto, D-Fla. While it makes sense to find ways to bring production back to the United...

France accuses Russia’s APT28 hacking group (Fancy Bear) of targeting French government entities in a cyber espionage campaign.…  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

As the field of artificial intelligence (AI) continues to evolve at a rapid pace, new research has found how techniques that render the Model Context Protocol (MCP) susceptible to prompt injection attacks could be used to develop security tooling or identify malicious tools, according to a new report from Tenable. MCP, launched by Anthropic in November 2024, is a framework...

WordPress sites are under threat from a deceptive anti-malware plugin. Learn how this malware grants backdoor access, hides…  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

Cybersecurity researchers have shed light on a Russian-speaking cyber espionage group called Nebulous Mantis that has deployed a remote access trojan called RomCom RAT since mid-2022. RomCom “employs advanced evasion techniques, including living-off-the-land (LOTL) tactics and encrypted command and control (C2) communications, while continuously evolving its infrastructure – leveraging  – Read More  – The Hacker News 

Retailer Acts Swiftly to Limit Threat as UK Retail Sector Faces Growing Digital Risks  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

China-linked hackers targeted Uyghur activists using a Trojanized UyghurEditPP app in a spear-phishing campaign, Citizen Lab researchers reveal.…  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

Google enhances cybersecurity with Agentic AI, launching Unified Security to fight zero-day exploits, enterprise threats, and credential-based attacks.…  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

A China-aligned advanced persistent threat (APT) group called TheWizards has been linked to a lateral movement tool called Spellbinder that can facilitate adversary-in-the-middle (AitM) attacks. “Spellbinder enables adversary-in-the-middle (AitM) attacks, through IPv6 stateless address autoconfiguration (SLAAC) spoofing, to move laterally in the compromised network, intercepting packets and  – Read More  – The Hacker News 

How Many Gaps Are Hiding in Your Identity System? It’s not just about logins anymore. Today’s attackers don’t need to “hack” in—they can trick their way in. Deepfakes, impersonation scams, and AI-powered social engineering are helping them bypass traditional defenses and slip through unnoticed. Once inside, they can take over accounts, move laterally, and cause long-term damage—all without  – Read...

Everyone has cybersecurity stories involving family members. Here’s a relatively common one. The conversation usually goes something like this:  “The strangest thing happened to my streaming account. I got locked out of my account, so I had to change my password. When I logged back in, all my shows were gone. Everything was in Spanish and there were all these...

Cybersecurity researchers have revealed that RansomHub’s online infrastructure has “inexplicably” gone offline as of April 1, 2025, prompting concerns among affiliates of the ransomware-as-a-service (RaaS) operation. Singaporean cybersecurity company Group-IB said that this may have caused affiliates to migrate to Qilin, given that “disclosures on its DLS [data leak site] have doubled since  – Read More  – The Hacker News 

Frankfurt am Main, Germany, 30th April 2025, CyberNewsWire  – Read More  – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto 

Meta on Tuesday announced LlamaFirewall, an open-source framework designed to secure artificial intelligence (AI) systems against emerging cyber risks such as prompt injection, jailbreaks, and insecure code, among others. The framework, the company said, incorporates three guardrails, including PromptGuard 2, Agent Alignment Checks, and CodeShield. PromptGuard 2 is designed to detect direct  – Read More  – The Hacker News 

SAN FRANCISCO — Leaders of various federal research agencies and departments outlined a vision Tuesday for the future of critical infrastructure security, emphasizing the promise of combining formal software development methods with large language models (LLMs).  Acting DARPA Director Rob McHenry told an audience at the RSAC 2025 Conference that such a combination could “virtually eliminate software vulnerabilities” across foundational...