Cary, North Carolina, 22nd May 2025, CyberNewsWire – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
In this week’s episode, Graham investigates the mysterious Iberian Peninsula blackout (aliens? toaster? cyberattack?), Carole dives into the UK legal aid hack that exposed deeply personal data of society’s most vulnerable, and Dinah Davis recounts how Instagram scammers hijacked her daughter’s account – and how a parental control accidentally saved the day. – Read More … Read More “Smashing Security podcast #418: Grid failures, Instagram scams, and Legal Aid leaks – Graham Cluley” »
Microsoft disrupts Lumma Stealer network, seizing 2,000 domains linked to 394,000 infections in global cybercrime crackdown with law enforcement partners. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
As the crypto market continues to mature, investors are looking for sophisticated financial instruments that allow them to… – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Threat actor ‘ByteBreaker’ claims to sell 1.2B Facebook records scraped via API abuse, but inconsistencies in data size and identity raise doubts. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
An appeals court on Wednesday rejected a bid by the widow of murdered Washington Post journalist Jamal Khashoggi to revive a lawsuit against spyware maker NSO Group, whom she alleged played a role in her husband’s death. The U.S. District Court for the Eastern District of Virginia had dismissed the suit from Hanan Elatr Khashoggi, … Read More “Appeals court rejects attempt by Khashoggi widow to renew suit against NSO Group – CyberScoop” »
LummaC2 infected around 10 million devices and systems, allowing for millions of follow-on attacks, before the information-stealing malware operation was dismantled through a coordinated global operation this week, Brett Leatherman, the FBI’s deputy assistant director for cyber operations, said during a media briefing Wednesday. “Since its inception in 2022, LummaC2’s malware-as-a-service platform rose to become … Read More “Lumma infostealer infected about 10 million systems before global disruption – CyberScoop” »
Russian cyber threat actors have been attributed to a state-sponsored campaign targeting Western logistics entities and technology companies since 2022. The activity has been assessed to be orchestrated by APT28 (aka BlueDelta, Fancy Bear, or Forest Blizzard), which is linked to the Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center, Military … Read More “Russian Hackers Exploit Email and VPN Vulnerabilities to Spy on Ukraine Aid Logistics – The Hacker News” »
A joint advisory from intelligence and cybersecurity agencies in the United States, United Kingdom, Canada, Australia and multiple European countries has detailed an ongoing Russian state-sponsored campaign targeting Western logistics organizations and technology companies, especially those supporting aid to Ukraine. The campaign, orchestrated by the group known as APT28 or Fancy Bear, has relied heavily … Read More “Multi-national warning issued over Russia’s targeting of logistics, tech firms – CyberScoop” »
Today, CISA and the Federal Bureau of Investigation released a joint Cybersecurity Advisory, LummaC2 Malware Targeting U.S. Critical Infrastructure Sectors. This advisory details the tactics, techniques, and procedures, and indicators of compromise (IOCs) linked to threat actors deploying LummaC2 malware. This malware poses a serious threat, capable of infiltrating networks and exfiltrating sensitive information, to … Read More “Threat Actors Target U.S. Critical Infrastructure with LummaC2 Malware – All CISA Advisories” »
CISA released thirteen Industrial Control Systems (ICS) advisories on May 20, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-140-01 ABUP IoT Cloud Platform ICSA-25-140-02 National Instruments Circuit Design Suite ICSA-25-140-03 Danfoss AK-SM 8xxA Series ICSA-25-140-04 Mitsubishi Electric Iconics Digital Solutions and Mitsubishi Electric Products ICSA-25-140-05 Siemens Siveillance … Read More “CISA Releases Thirteen Industrial Control Systems Advisories – All CISA Advisories” »
Summary The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint advisory to disseminate known tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) associated with threat actors deploying the LummaC2 information stealer (infostealer) malware. LummaC2 malware is able to infiltrate victim computer networks and exfiltrate … Read More “Threat Actors Deploy LummaC2 Malware to Exfiltrate Sensitive Data from Organizations – CISA Cybersecurity Advisories” »
Lumma Stealer, a widely used infostealer malware linked to cybercrime sprees and multiple high-profile attacks, was dismantled through a coordinated global operation meant to seize its core infrastructure. The infostealer’s central command, malicious domains and marketplaces where the tool was sold to other cybercriminals have been seized or suspended, Steven Masada, assistant general counsel at … Read More “Lumma Stealer toppled by globally coordinated takedown – CyberScoop” »
A new malware campaign disguised as Kling AI used fake Facebook ads and counterfeit websites to distribute an infostealer
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.3 ATTENTION: Low attack complexity Vendor: Mitsubishi Electric Iconics Digital Solutions, Mitsubishi Electric Equipment: ICONICS Product Suite and Mitsubishi Electric MC Works64 Vulnerability: Execution with Unnecessary Privileges 2. RISK EVALUATION Successful exploitation of this vulnerability could result in information tampering on the target workstation. 3. TECHNICAL DETAILS 3.1 … Read More “Mitsubishi Electric Iconics Digital Solutions and Mitsubishi Electric Products – All CISA Advisories” »
NCSC CEO urges all businesses to face the stark reality of the cyber threat they face, whether in the spotlight or not. – Read More – NCSC Feed
Patched privilege escalation flaw in Google Cloud Platform linked to wider cloud security concerns
KrebsOnSecurity was hit by and survived a record-breaking 6.3 Tbps DDoS attack linked to the Aisuru IoT botnet, but it shows the vulnerable state of IoT devices. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: AutomationDirect Equipment: MB-Gateway Vulnerability: Missing Authentication For Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to make configuration changes, disrupt operations, or achieve arbitrary code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following AutomationDirect … Read More “AutomationDirect MB-Gateway – All CISA Advisories” »
Russian organizations have become the target of a phishing campaign that distributes malware called PureRAT, according to new findings from Kaspersky. “The campaign aimed at Russian business began back in March 2023, but in the first third of 2025 the number of attacks quadrupled compared to the same period in 2024,” the cybersecurity vendor said. … Read More “PureRAT Malware Spikes 4x in 2025, Deploying PureLogs to Target Russian Firms – The Hacker News” »
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: PrismaSeT Active – Wireless Panel Server Vulnerability: Buffer Copy without Checking Size of Input (‘Classic Buffer Overflow’) 2. RISK EVALUATION Successful exploitation of this vulnerability could allow unauthorized code execution, which could result in the unavailability of the … Read More “Schneider Electric PrismaSeT Active – Wireless Panel Server – All CISA Advisories” »
Today, CISA, the National Security Agency, the Federal Bureau of Investigation, and other U.S. and international partners released a joint Cybersecurity Advisory, Russian GRU Targeting Western Logistics Entities and Technology Companies. This advisory details a Russian state-sponsored cyber espionage-oriented campaign targeting technology companies and logistics entities, including those involved in the coordination, transport, and … Read More “Russian GRU Cyber Actors Targeting Western Logistics Entities and Tech Companies – All CISA Advisories” »
Executive Summary This joint cybersecurity advisory (CSA) highlights a Russian state-sponsored cyber campaign targeting Western logistics entities and technology companies. This includes those involved in the coordination, transport, and delivery of foreign assistance to Ukraine. Since 2022, Western logistics entities and IT companies have faced an elevated risk of targeting by the Russian General Staff … Read More “Russian GRU Targeting Western Logistics Entities and Technology Companies – All CISA Advisories” »
Continuous Integration and Continuous Delivery/Deployment (CI/CD) refers to practices that automate how code is developed and released to different environments. CI/CD pipelines are fundamental in modern software development, ensuring code is consistently tested, built, and deployed quickly and efficiently. While CI/CD automation accelerates software delivery, it can also introduce security – Read More – The … Read More “Securing CI/CD workflows with Wazuh – The Hacker News” »
Counterfeit Facebook pages and sponsored ads on the social media platform are being employed to direct users to fake websites masquerading as Kling AI with the goal of tricking victims into downloading malware. Kling AI is an artificial intelligence (AI)-powered platform to synthesize images and videos from text and image prompts. Launched in June 2024, … Read More “Fake Kling AI Facebook Ads Deliver RAT Malware to Over 22 Million Potential Victims – The Hacker News” »
The world we live in is packed with data. Texts, emails, social media posts, deleted files, you name… – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
It takes just one email to compromise an entire system. A single well-crafted message can bypass filters, trick employees, and give attackers the access they need. Left undetected, these threats can lead to credential theft, unauthorized access, and even full-scale breaches. As phishing techniques become more evasive, they can no longer be reliably caught by … Read More “How to Detect Phishing Attacks Faster: Tycoon2FA Example – The Hacker News” »
When the news broke that a Chinese hacking group known as Salt Typhoon had penetrated multiple U.S. telecommunications networks, gained access to the phones of a presidential campaign, and collected geolocation data on high-value targets around Washington D.C., one of the first questions on the minds of executives and U.S. officials was how long it … Read More “A house full of open windows: Why telecoms may never purge their networks of Salt Typhoon – CyberScoop” »
The 19-year-old and his accomplices obtained key data for the extortion scheme in a 2022 breach of a US telco
ITRC report finds that 39% of American consumers believe biometric use should be banned
Cybersecurity researchers have discovered a new campaign that employs malicious JavaScript injections to redirect site visitors on mobile devices to a Chinese adult-content Progressive Web App (PWA) scam. “While the payload itself is nothing new (yet another adult gambling scam), the delivery method stands out,” c/side researcher Himanshu Anand said in a Tuesday analysis. “The … Read More “Researchers Expose PWA JavaScript Attack That Redirects Users to Adult Scam Apps – The Hacker News” »
Scammers impersonate Kling AI (AI-powered video generation tool) using fake ads and websites to spread malware. Check Point Research details how the attack tricks users into downloading RATs. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
An M&S trading update estimates the ongoing cyber-incident will cost £300m, largely from lost sales due to the suspension of online orders
A new NCSC guide offers useful information on how to safely and securely dispose of end-of-life assets
Google has announced a new feature in its Chrome browser that lets its built-in Password Manager automatically change a user’s password when it detects the credentials to be compromised. “When Chrome detects a compromised password during sign in, Google Password Manager prompts the user with an option to fix it automatically,” Google’s Ashima Arora, Chirag … Read More “Google Chrome Can Now Auto-Change Compromised Passwords Using Its Built-In Manager – The Hacker News” »
How to prove your identity after your account gets hacked and how to improve security for the future Phone lost or stolen? Practical steps to restore peace of mind UK passport lost or stolen? Here are the steps you need to take Your Facebook or Instagram account can be your link to friends, a profile … Read More “What to do if you can’t get into your Facebook or Instagram account – Data and computer security | The Guardian” »
KrebsOnSecurity last week was hit by a near record distributed denial-of-service (DDoS) attack that clocked in at more than 6.3 terabits of data per second (a terabit is one trillion bits of data). The brief attack appears to have been a test run for a massive new Internet of Things (IoT) botnet capable of launching … Read More “KrebsOnSecurity Hit With Near-Record 6.3 Tbps DDoS – Krebs on Security” »
A Massachusetts man will plead guilty to charges related to the hack of PowerSchool, the education software vendor that says it supports more than 60 million students, and that led to ransom demands at school boards and districts across the United States. In court documents filed Tuesday, prosecutors spelled out charges against 19-year-old Assumption University … Read More “Massachusetts man will plead guilty in PowerSchool hack case – CyberScoop” »
A threat actor known as Hazy Hawk has been observed hijacking abandoned cloud resources of high-profile organizations, including Amazon S3 buckets and Microsoft Azure endpoints, by leveraging misconfigurations in the Domain Name System (DNS) records. The hijacked domains are then used to host URLs that direct users to scams and malware via traffic distribution systems … Read More “Hazy Hawk Exploits DNS Records to Hijack CDC, Corporate Domains for Malware Delivery – The Hacker News” »
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: Modicon Controllers M241/M251/M258/LMC058 Vulnerability: Externally Controlled Reference to a Resource in Another Sphere 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a loss of confidentiality when an unauthenticated attacker manipulates a controller’s webserver URL to access … Read More “Schneider Electric Modicon Controllers – All CISA Advisories” »
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: Galaxy VS, Galaxy VL, Galaxy VXL Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to perform unauthenticated remote code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following … Read More “Schneider Electric Galaxy VS, Galaxy VL, Galaxy VXL – All CISA Advisories” »
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Vertiv Equipment: Liebert RDU101 and Liebert UNITY Vulnerabilities: Authentication Bypass Using an Alternate Path or Channel, Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to cause a denial-of-service condition or achieve remote code execution … Read More “Vertiv Liebert RDU101 and UNITY – All CISA Advisories” »
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens’ ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 5.5 ATTENTION: Exploitable remotely Vendor: … Read More “Siemens Siveillance Video – All CISA Advisories” »
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.3 ATTENTION: Exploitable remotely Vendor: Danfoss Equipment: AK-SM 8xxA Series Vulnerability: Improper Authentication 2. RISK EVALUATION Successful exploitation of this vulnerability could enable a remote attacker to bypass authentication and execute arbitrary code remotely. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of AK-SM 800A system manager … Read More “Danfoss AK-SM 8xxA Series – All CISA Advisories” »
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 5.9 ATTENTION: Exploitable remotely/Low attack complexity Vendor: ABUP Equipment: ABUP Internet of Things (IoT) Cloud Platform Vulnerability: Incorrect Privilege Assignment 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to access device profiles for which they are not authorized. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS … Read More “ABUP IoT Cloud Platform – All CISA Advisories” »
In episode 51 of The AI Fix, a Greek man’s marriage is destroyed after ChatGPT reads his coffee, a woman dumps her husband to marry an AI called Leo, and Graham wonders whether it’s time to upload his brain into a lunchbox-packing robot. Meanwhile, a humanoid robot goes full Michael Crawford in a Chinese factory, … Read More “The AI Fix #51: Divorce by coffee grounds, and why AI robots need your brain – Graham Cluley” »
Infoblox reveals Hazy Hawk, a new threat exploiting abandoned cloud resources (S3, Azure) and DNS gaps since Dec… – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
The Venice.ai chatbot gained traction in hacking forums for its uncensored access to advanced models
An unknown threat actor has been attributed to creating several malicious Chrome Browser extensions since February 2024 that masquerade as seemingly benign utilities but incorporate covert functionality to exfiltrate data, receive commands, and execute arbitrary code. “The actor creates websites that masquerade as legitimate services, productivity tools, ad and media creation or analysis – Read … Read More “100+ Fake Chrome Extensions Found Hijacking Sessions, Stealing Credentials, Injecting Ads – The Hacker News” »
A data breach at Nationwide Recovery Services compromised data of 200,000 Harbin Clinic patients