A data breach at Nationwide Recovery Services compromised data of 200,000 Harbin Clinic patients
Weeks after LockBit ransomware breach, leaked data reveals how affiliates generate ransomware, set ransom demands, and often walk away unpaid. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Researchers at ESET observed strengthened cyber-offensive activity from Russian groups, especially against Ukrainian and European entities
Cybersecurity researchers have discovered risky default identity and access management (IAM) roles impacting Amazon Web Services that could open the door for attackers to escalate privileges, manipulate other AWS services, and, in some cases, even fully compromise AWS accounts. “These roles, often created automatically or recommended during setup, grant overly broad permissions, such as full … Read More “AWS Default IAM Roles Found to Enable Lateral Movement and Cross-Service Exploitation – The Hacker News” »
High-level government institutions in Sri Lanka, Bangladesh, and Pakistan have emerged as the target of a new campaign orchestrated by a threat actor known as SideWinder. “The attackers used spear phishing emails paired with geofenced payloads to ensure that only victims in specific countries received the malicious content,” Acronis researchers Santiago Pontiroli, Jozsef Gegeny, and … Read More “South Asian Ministries Hit by SideWinder APT Using Old Office Flaws and Custom Malware – The Hacker News” »
RVTools installer on its official site was found delivering malware. Research shows it spread Bumblebee loader. Users urged to verify downloads. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Eric Council Jr. pleaded guilty to charges related to the January 2024 hack of the US Securities and Exchange Commission’s (SEC) Twitter account, which saw a fake announcement about the Bitcoin cryptocurrency posted to its followers. Read more in my article on the Hot for Security blog. – Read More – Graham Cluley
Thales found that 73% of organizations are investing in AI-specific security tools, amid surging takeup of GenAI tools in enterprises
In the newly released 2025 State of Pentesting Report, Pentera surveyed 500 CISOs from global enterprises (200 from within the USA) to understand the strategies, tactics, and tools they use to cope with the thousands of security alerts, the persisting breaches and the growing cyber risks they have to handle. The findings reveal a complex … Read More “The Crowded Battle: Key Insights from the 2025 State of Pentesting Report – The Hacker News” »
Nitrogen, a ransomware strain, has emerged as a major threat to organizations worldwide, with a particular focus on… – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
The first time some of the largest telecom companies in the world heard of Salt Typhoon was in a Wall Street Journal article. The story, which was published last September, blindsided company executives and industry insiders. As news of the attack on the country’s broadband networks broke, the scope and severity of the breach became … Read More “‘Whatever we did was not enough’: How Salt Typhoon slipped through the government’s blind spots – CyberScoop” »
Threat hunters have exposed the tactics of a China-aligned threat actor called UnsolicitedBooker that targeted an unnamed international organization in Saudi Arabia with a previously undocumented backdoor dubbed MarsSnake. ESET, which first discovered the hacking group’s intrusions targeting the entity in March 2023 and again a year later, said the activity leverages spear-phishing emails using … Read More “Chinese Hackers Deploy MarsSnake Backdoor in Multi-Year Attack on Saudi Organization – The Hacker News” »
Around half of US and UK consumers have seen fraud ads and content on ‘refund hacks’ on social media
Regeneron, which intends to acquire 23andMe for $256m, says data security and privacy will be a priority
How to retire digital assets (such as data, software, or hardware) from operation. – Read More – NCSC Feed
Cybersecurity researchers are calling attention to a new Linux cryptojacking campaign that’s targeting publicly accessible Redis servers. The malicious activity has been codenamed RedisRaider by Datadog Security Labs. “RedisRaider aggressively scans randomized portions of the IPv4 space and uses legitimate Redis configuration commands to execute malicious cron jobs on vulnerable systems,” … Read More “Go-Based Malware Deploys XMRig Miner on Linux Hosts via Redis Configuration Abuse – The Hacker News” »
Cybersecurity researchers have uncovered malicious packages uploaded to the Python Package Index (PyPI) repository that act as checker tools to validate stolen email addresses against TikTok and Instagram APIs. All three packages are no longer available on PyPI. The names of the Python packages are below – checker-SaGaF (2,605 downloads) steinlurks (1,049 downloads) sinnercore (3,300 … Read More “Malicious PyPI Packages Exploit Instagram and TikTok APIs to Validate User Accounts – The Hacker News” »
DDoSecrets indexes 410GB of breached TeleMessage data, including messages and metadata, from hack tied to unsecured Signal clone used by US government officials. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Serviceaide data leak exposes sensitive health info of 500K Catholic Health patients due to misconfigured database; risk of ID theft and fraud. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
CISA has added six new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-4427 Ivanti Endpoint Manager Mobile (EPMM) Authentication Bypass Vulnerability CVE-2025-4428 Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability CVE-2024-11182 MDaemon Email Server Cross-Site Scripting (XSS) Vulnerability CVE-2025-27920 Srimax Output Messenger Directory Traversal Vulnerability CVE-2024-27443 Synacor Zimbra Collaboration Suite … Read More “CISA Adds Six Known Exploited Vulnerabilities to Catalog – All CISA Advisories” »
The UK Legal Aid Agency has suffered a major cyberattack, with “significant” sensitive data, including criminal records, stolen.… – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Eric Council Jr. sentenced for 2024 SIM swap that led to fake Bitcoin ETF tweet from SEC’s X account, briefly impacting crypto markets. – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
RVTools Official Site Hacked to Deliver Bumblebee Malware via Trojanized Installer – The Hacker News
The official site for RVTools has been hacked to serve a compromised installer for the popular VMware environment reporting utility. “Robware.net and RVTools.com are currently offline. We are working expeditiously to restore service and appreciate your patience,” the company said in a statement posted on its website. “Robware.net and RVTools.com are the only authorized and … Read More “RVTools Official Site Hacked to Deliver Bumblebee Malware via Trojanized Installer – The Hacker News” »
The federal cybersecurity workforce — an ever-shrinking group of tech talent under the Trump administration — would get a government-run training and development boost under a new bill from a bipartisan pair of House lawmakers. The Federal Cyber Workforce Training Act from Reps. Pat Fallon, R-Texas, and Marcy Kaptur, D-Ohio, calls on the National Cyber … Read More “Federal cyber workforce training institute eyed in bipartisan House bill – CyberScoop” »
Malicious dbgpkg package on PyPI poses as a debugging utility but acts as a delivery mechanism for a stealthy backdoor
Several ransomware actors are using a malware called Skitnet as part of their post-exploitation efforts to steal sensitive data and establish remote control over compromised hosts. “Skitnet has been sold on underground forums like RAMP since April 2024,” Swiss cybersecurity company PRODAFT told The Hacker News. “However, since early 2025, we have observed multiple ransomware … Read More “Ransomware Gangs Use Skitnet Malware for Stealthy Data Theft and Remote Access – The Hacker News” »
RomethemeKit for Elementor has released a patch addressing an RCE vulnerability exposing 30,000 sites
Bloomin’ eck! I’m delighted to share with you that “The AI Fix” is up for an award! – Read More – Graham Cluley
A new report from Zimperium is alerting users about growing threats facing iOS devices, particularly those tied to… – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Civil society groups and academics are calling for the EU’s GDPR to remain unchanged following the EU Commission’s plans to revisit it
Disciplined, well-trained, and well-equipped, AI agents are digital soldiers. They operate independently to carry out their orders, working… – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Mozilla Firefox experiments with AI-powered Perplexity Search Engine in its address bar for version 139, signalling a potential… – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Cybersecurity leaders aren’t just dealing with attacks—they’re also protecting trust, keeping systems running, and maintaining their organization’s reputation. This week’s developments highlight a bigger issue: as we rely more on digital tools, hidden weaknesses can quietly grow. Just fixing problems isn’t enough anymore—resilience needs to be built into everything from the ground up. … Read More “⚡ Weekly Recap: Zero-Day Exploits, Insider Threats, APT Targeting, Botnets and More – The Hacker News” »
Mozilla has released security updates to address two critical security flaws in its Firefox browser that could be potentially exploited to access sensitive data or achieve code execution. The vulnerabilities, both of which were exploited as a zero-day at Pwn2Own Berlin, are listed below – CVE-2025-4918 – An out-of-bounds access vulnerability when resolving Promise objects … Read More “Firefox Patches 2 Zero-Days Exploited at Pwn2Own Berlin with $100K in Rewards – The Hacker News” »
Continuous Threat Exposure Management (CTEM) has moved from concept to cornerstone, solidifying its role as a strategic enabler for CISOs. No longer a theoretical framework, CTEM now anchors today’s cybersecurity programs by continuously aligning security efforts with real-world risk. At the heart of CTEM is the integration of Adversarial Exposure Validation (AEV), an advanced, offensive … Read More “Why CTEM is the Winning Bet for CISOs in 2025 – The Hacker News” »
Cybersecurity is the frontline of our national security. President Donald Trump and his adviser, Elon Musk, are doing more damage to our cyber defenses than Moscow or Beijing have done in decades. They are taking our defense off the field and hoping our enemies don’t take a shot at the end zone. They are wrong, … Read More “Don’t let DOGE destroy CISA – CyberScoop” »
An Alabama man has been sentenced to 14 months for hacking the SEC’s X account
The UK government says that hackers accessed a “large amount” of personal information in attack on Legal Aid Agency
Security experts tell Infosecurity about the cloud attack trends in the past year, and how CISOs can mitigate evolving techniques
FBI has warned about a sophisticated vishing and smishing campaign using AI-generated voice memos to impersonate senior US… – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
ESET reports on RoundPress, a cyber espionage campaign by Russia’s Fancy Bear (Sednit) targeting Ukraine-related organizations via webmail… – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Welcome to the third and final day of Pwn2Own Berlin 2025. We start the day at $695,000 awarded for the contest. It will be interesting to see if we can breach the million dollar mark. Stay tuned for all of the results. COLLISION – Although Angelboy (@scwuaptx) from DEVCORE Research Team successfully demonstrated their privilege … Read More “Pwn2Own Berlin 2025: Day Three Results – Zero Day Initiative – Blog” »
Posted by Shaikh Shahnawaz on May 16 [+] Credits: Shahnawaz Shaikh, Security Researcher at Cybergate Defense LLC [+] twitter.com/_striv3r_ [Vendor of Product] RSI Queue (https://www.rsiqueue.com/) [Vulnerability Type] Blind SQL Injection [Affected Component] The vulnerable component is the TaskID parameter in the get request. [CVE Reference] CVE-2025-26086 [Security Issue] An unauthenticated blind SQL injection vulnerability … Read More “Unauthenticated Blind SQL Injection | RSI queue management system – V 3.0 | CVE-2025-26086 – Full Disclosure” »
Posted by SEC Consult Vulnerability Lab via Fulldisclosure on May 16 SEC Consult Vulnerability Lab Security Advisory < 20250422-0 > title: Local Privilege Escalation via DLL Search Order Hijacking product: Ivanti Endpoint Manager Security Scan (Vulscan) Self Update vulnerable version: EPM 2022 SU6 and previous, EPM 2024 fixed version: EPM 2022 SU7 and … Read More “SEC Consult SA-20250422-0:: Local Privilege Escalation via DLL Search Order Hijacking – Full Disclosure” »
Posted by SEC Consult Vulnerability Lab via Fulldisclosure on May 16 SEC Consult Vulnerability Lab Security Advisory < publishing date 20250429-0 > Combined Security Advisory for Sure Access Enterprise and Sure Click Enterprise title: Multiple Vulnerabilities product: HP Wolf Security Controller / HP Sure Access Enterprise / HP Sure Click Enterprise vulnerable version: … Read More “SEC Consult SA-20250429-0 :: Multiple Vulnerabilities in HP Wolf Security Controller and more – Full Disclosure” »
Posted by SEC Consult Vulnerability Lab via Fulldisclosure on May 16 SEC Consult Vulnerability Lab Security Advisory < 20250507-0 > title: Authenticated Command Injection product: Honeywell MB-Secure vulnerable version: MB-Secure versions from V11.04 and prior to V12.53, MB-Secure PRO versions from V01.06 and prior to V03.09 fixed version: MB-Secure v12.53, MB-Secure PRO v03.09 … Read More “SEC Consult SA-20250506-0 :: Honeywell MB Secure Authenticated Command Injection – Full Disclosure” »
Posted by Sebastian Auwärter via Fulldisclosure on May 16 Advisory ID: SYSS-2025-006 Product: Tiiwee X1 Alarm System Manufacturer: Tiiwee B.V. Affected Version(s): TWX1HAKV2 Tested Version(s): TWX1HAKV2 Vulnerability Type: Authentication Bypass by Capture-replay (CWE-294) Risk Level: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N Solution Status: Open Manufacturer Notification: 2025-01-27… – Read More – Full Disclosure
Posted by Ron E on May 16 A persistent cross-site scripting (XSS) vulnerability exists in gugoan’s Economizzer v.0.9-beta1. The application fails to properly sanitize user-supplied input when creating a new category via the *category/create* endpoint. An attacker can inject malicious JavaScript payloads that are permanently stored and later executed in the context of any … Read More “Persistent Cross-Site Scripting in Economizzer Category Entry – Full Disclosure” »
Posted by Ron E on May 16 A session management vulnerability exists in gugoan’s Economizzer v.0.9-beta1. The application fails to properly invalidate user sessions upon logout or other session termination events. As a result, a valid session remains active and usable even after the user has attempted to log out. POST /web/category/create HTTP/2 Host: … Read More “Session Invalidation in Economizzer Allows Unauthorized Access After Logout – Full Disclosure” »
Posted by Apple Product Security via Fulldisclosure on May 16 APPLE-SA-05-12-2025-8 visionOS 2.5 visionOS 2.5 addresses the following issues. Information about the security content is also available at https://support.apple.com/122721. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. AppleJPEG Available for: Apple Vision Pro Impact: Processing a … Read More “APPLE-SA-05-12-2025-8 visionOS 2.5 – Full Disclosure” »