Posted by Apple Product Security via Fulldisclosure on May 16 APPLE-SA-05-12-2025-9 Safari 18.5 Safari 18.5 addresses the following issues. Information about the security content is also available at https://support.apple.com/122719. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. WebKit Available for: macOS Ventura and macOS Sonoma Impact: … Read More “APPLE-SA-05-12-2025-9 Safari 18.5 – Full Disclosure” »
Posted by Ron E on May 16 A persistent cross-site scripting (XSS) vulnerability exists in gugoan’s Economizzer v.0.9-beta1 The application fails to properly sanitize user-supplied input when creating a new cash book entry via the *cashbook/create* endpoint. An attacker can inject malicious JavaScript payloads that are permanently stored and later executed in the context … Read More “Persistent Cross-Site Scripting in Economizzer Cashbook Entry – Full Disclosure” »
Posted by Apple Product Security via Fulldisclosure on May 16 APPLE-SA-05-12-2025-5 macOS Ventura 13.7.6 macOS Ventura 13.7.6 addresses the following issues. Information about the security content is also available at https://support.apple.com/122718. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. afpfs Available for: macOS Ventura Impact: Mounting … Read More “APPLE-SA-05-12-2025-5 macOS Ventura 13.7.6 – Full Disclosure” »
Posted by Apple Product Security via Fulldisclosure on May 16 APPLE-SA-05-12-2025-6 watchOS 11.5 watchOS 11.5 addresses the following issues. Information about the security content is also available at https://support.apple.com/122722. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. AppleJPEG Available for: Apple Watch Series 6 and later … Read More “APPLE-SA-05-12-2025-6 watchOS 11.5 – Full Disclosure” »
Posted by Apple Product Security via Fulldisclosure on May 16 APPLE-SA-05-12-2025-7 tvOS 18.5 tvOS 18.5 addresses the following issues. Information about the security content is also available at https://support.apple.com/122720. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. AppleJPEG Available for: Apple TV HD and Apple TV … Read More “APPLE-SA-05-12-2025-7 tvOS 18.5 – Full Disclosure” »
Posted by Apple Product Security via Fulldisclosure on May 16 APPLE-SA-05-12-2025-2 iPadOS 17.7.7 iPadOS 17.7.7 addresses the following issues. Information about the security content is also available at https://support.apple.com/122405. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. AirDrop Available for: iPad Pro 12.9-inch 2nd generation, iPad … Read More “APPLE-SA-05-12-2025-2 iPadOS 17.7.7 – Full Disclosure” »
Posted by Apple Product Security via Fulldisclosure on May 16 APPLE-SA-05-12-2025-3 macOS Sequoia 15.5 macOS Sequoia 15.5 addresses the following issues. Information about the security content is also available at https://support.apple.com/122716. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. afpfs Available for: macOS Sequoia Impact: Connecting … Read More “APPLE-SA-05-12-2025-3 macOS Sequoia 15.5 – Full Disclosure” »
Posted by Apple Product Security via Fulldisclosure on May 16 APPLE-SA-05-12-2025-4 macOS Sonoma 14.7.6 macOS Sonoma 14.7.6 addresses the following issues. Information about the security content is also available at https://support.apple.com/122717. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. afpfs Available for: macOS Sonoma Impact: Connecting … Read More “APPLE-SA-05-12-2025-4 macOS Sonoma 14.7.6 – Full Disclosure” »
Posted by Apple Product Security via Fulldisclosure on May 16 APPLE-SA-05-12-2025-1 iOS 18.5 and iPadOS 18.5 iOS 18.5 and iPadOS 18.5 address the following issues. Information about the security content is also available at https://support.apple.com/122404. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. AppleJPEG Available for: … Read More “APPLE-SA-05-12-2025-1 iOS 18.5 and iPadOS 18.5 – Full Disclosure” »
Posted by CVE – VULSec Labs via Fulldisclosure on May 16 === SUMMARY === Vendor: ArcGIS Product: ArcGIS Subject: ArcGIS Hidden Functionality Allows Insecure OAuth 2.0 Based Authentication – CVE-2025-0020 VSL-2025-21 CVSS: 7.9 (high) CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/U:Amber Credit: Erez Kalman Author: VULSec Labs Date: 2025-05-14 === DETAILS === CWE/CAPEC: Violation of Secure Design Principles, Hidden Functionality, Incorrect Provision … Read More “ArcGIS Hidden Functionality Allows Insecure OAuth 2.0 Based Authentication – CVE-2025-0020 VSL-2025-21 – Full Disclosure” »
Posted by Flo Schäfer via Fulldisclosure on May 16 secuvera-SA-2025-01: Privilege Escalation Affected Products Automic Automation Agent Unix <24.3.0 HF4, <21.0.13 HF1 References secuvera-SA-2025-01 CVE not assigned yet CWE-426: Untrusted Search Path CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L Summary: An agent configured to run in privileged mode using the SetUID-Bit can be used to escalate privileges, by supplying an … Read More “secuvera-SA-2025-01: Privilege Escalation in Automic Automation Agent Unix – Full Disclosure” »
Posted by Egidio Romano on May 16 ————————————————————————— Invision Community <= 5.0.6 (customCss) Remote Code Execution Vulnerability ————————————————————————— [-] Software Link: https://invisioncommunity.com [-] Affected Versions: All versions from 5.0.0 to 5.0.6. [-] Vulnerability Description: The vulnerability is located in the… – Read More – Full Disclosure
You’ve got an important choice to make: HubSpot or Salesforce? – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
The beginning of Pwn2Own Berlin 2025, hosted at the OffensiveCon conference, has concluded its first two days with… – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
The post DOGE could scrap identity protections for those impacted by OPM breach, senator warns appeared first on CyberScoop. – Read More – CyberScoop
When Donald Trump was on the campaign trail, he argued that coordination by the Biden administration and social media companies on disinformation during the COVID-19 pandemic and elections amounted to political censorship. He claimed that supposed censorship stifled the free and unencumbered exchange of ideas essential to democracy, and posed a clear threat to the … Read More “FCC commissioner blasts Trump administration censorship policies – CyberScoop” »
ReversingLabs discovers dbgpkg, a fake Python debugger that secretly backdoors systems to steal data. Researchers suspect a pro-Ukraine… – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Ivanti EPMM users urgently need to patch against actively exploited 0day vulnerabilities (CVE-2025-4427, CVE-2025-4428) that enable pre-authenticated remote… – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Coinbase responded to a security incident with combative measures Thursday after the company said cybercriminals bribed some of the cryptocurrency exchange’s international support staff to steal data on customers. The unnamed threat group stole personally identifiable information and other sensitive data on less than 1% of Coinbase’s monthly users, the company said in a blog … Read More “Coinbase flips $20M extortion demand into bounty for info on attackers – CyberScoop” »
The message was consistent at a House cybersecurity hearing Thursday: pass legislation extending an expiring information-sharing law before it lapses in September, and worry about improving it later. Both lawmakers and witnesses at the hearing of the Homeland Security Subcommittee on Cybersecurity and Infrastructure Protection shared that view about the pending expiration of the 2015 … Read More “Consensus forms on reauthorizing 2015 cyber info-sharing law now, upgrading it later – CyberScoop” »
An NCSC assessment highlighting the impacts on cyber threat from AI developments between now and 2027. – Read More – NCSC Feed
Ascension, one of the largest private healthcare companies in the United States, has confirmed that the personal data of some 437,329 patients has been exposed following an attack by cybercriminals. Read more in my article on the Fortra blog. – Read More – Graham Cluley
Quantum computing is on the verge of revolutionizing the technology landscape, much like AI did in 2024. By the end of 2025, quantum computing will emerge as a defining force, ushering in a new era filled with both unprecedented opportunities and significant challenges in securing digital assets. While state-of-the-art quantum computers aren’t yet capable of … Read More “Preparing for the post-quantum era: a CIO’s guide to securing the future of encryption – CyberScoop” »
The FBI has warned about an ongoing smishing and vishing scheme using AI deepfakes to impersonate US officials.
New HTTPBot Botnet Launches 200+ Precision DDoS Attacks on Gaming and Tech Sectors – The Hacker News
Cybersecurity researchers are calling attention to a new botnet malware called HTTPBot that has been used to primarily single out the gaming industry, as well as technology companies and educational institutions in China. “Over the past few months, it has expanded aggressively, continuously leveraging infected devices to launch external attacks,” NSFOCUS said in a report … Read More “New HTTPBot Botnet Launches 200+ Precision DDoS Attacks on Gaming and Tech Sectors – The Hacker News” »
Hackers from the Scattered Spider group, known for UK retail attacks, are now targeting US retailers, Google cybersecurity… – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
An analysis by Robert Walters found there are around 17,000 cybersecurity vacancies in the UK currently, with organizations struggling to fill open positions.
Data is the lifeblood of productivity, and protecting sensitive data is more critical than ever. With cyber threats evolving rapidly and data privacy regulations tightening, organizations must stay vigilant and proactive to safeguard their most valuable assets. But how do you build an effective data protection framework? In this article, we’ll explore data protection best … Read More “Top 10 Best Practices for Effective Data Protection – The Hacker News” »
In Operation RoundPress, the compromise vector is a spearphishing email leveraging an XSS vulnerability to inject malicious JavaScript code into the victim’s webmail page.
Welcome to the second day of our first ever Pwn2OwnBerlin. Yesterday, we awarded $260,000 for some amazing research. Today looks to be even better, with more AI on the line, plus SharePoint and VMware ESXi. As always, we’ll be updating this blog with results as we have them. COLLISION – Mohand Acherir & Patrick Ventuzelo … Read More “Pwn2Own Berlin 2025: Day Two Results – Zero Day Initiative – Blog” »
Researchers at ETH Zürich have discovered yet another security flaw that they say impacts all modern Intel CPUs and causes them to leak sensitive data from memory, showing that the vulnerability known as Spectre continues to haunt computer systems after more than seven years. The vulnerability, referred to as Branch Privilege Injection (BPI), “can be … Read More “Researchers Expose New Intel CPU Flaws Enabling Memory Leaks and Spectre v2 Attacks – The Hacker News” »
New data from Darktrace showed that cyber-attacks targeting healthcare organizations increased in intensity in 2024.
Cybersecurity researchers have shed light on a new malware campaign that makes use of a PowerShell-based shellcode loader to deploy a remote access trojan called Remcos RAT. “Threat actors delivered malicious LNK files embedded within ZIP archives, often disguised as Office documents,” Qualys security researcher Akshay Thorve said in a technical report. “The attack chain … Read More “Fileless Remcos RAT Delivered via LNK Files and MSHTA in PowerShell-Based Attacks – The Hacker News” »
Modern apps move fast—faster than most security teams can keep up. As businesses rush to build in the cloud, security often lags behind. Teams scan code in isolation, react late to cloud threats, and monitor SOC alerts only after damage is done. Attackers don’t wait. They exploit vulnerabilities within hours. Yet most organizations take days … Read More “[Webinar] From Code to Cloud to SOC: Learn a Smarter Way to Defend Modern Applications – The Hacker News” »
The head of the Federal Trade Commission described to lawmakers Thursday new technology, personnel and infrastructure the agency needs as it prepares to implement and enforce the Take It Down Act, placing the FTC’s enforcement wing at the forefront of the fight against nonconsensual deepfake pornography. The FTC’s proposed budget holds funding at $425.7 million, … Read More “FTC wants a new, segregated software system to police deepfake porn – CyberScoop” »
Proofpoint has entered into an agreement to acquire Hornetsecurity Group, a Germany-based provider of Microsoft 365 security services, in a deal reportedly valued at more than $1 billion. The acquisition, described as the largest in Proofpoint’s history, comes amid accelerating consolidation in the cybersecurity industry as companies seek to broaden their offerings to enterprise customers … Read More “Proofpoint to acquire Hornetsecurity for over $1 billion – CyberScoop” »
A vulnerability has been discovered in Google Chrome which could allow for arbitrary code execution. Successful exploitation of this vulnerability could allow for arbitrary code execution in the context of the logged-on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create … Read More “A Vulnerability in Google Chrome Could Allow for Arbitrary Code Execution – Cyber Security Advisories – MS-ISAC” »
In what experts are calling a novel legal outcome, the 22-year-old former administrator of the cybercrime community Breachforums will forfeit nearly $700,000 to settle a civil lawsuit from a health insurance company whose customer data was posted for sale on the forum in 2023. Conor Brian Fitzpatrick, a.k.a. “Pompompurin,” is slated for resentencing next month … Read More “Breachforums Boss to Pay $700k in Healthcare Breach – Krebs on Security” »
The FBI said Thursday that malicious actors have been impersonating senior U.S. government officials in a text and voice messaging campaign, using phishing texts and AI-generated audio to trick other government officials into giving up access to their personal accounts. The warning provided few details about the campaign, which started in April and appears to … Read More “FBI warns of fake texts, deepfake calls impersonating senior U.S. officials – CyberScoop” »
Coinbase insider breach: Bribed overseas agents stole user data; company rejects ransom, offers $20M reward, boosts security, and… – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens’ ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION: Exploitable from adjacent … Read More “Siemens SCALANCE LPE9403 – All CISA Advisories” »
Hundreds of victims are surfacing across the world from zero-day cyberattacks on Europe’s biggest software manufacturer and company, in a campaign that one leading cyber expert is comparing to the vast Chinese government-linked Salt Typhoon and Volt Typhoon breaches of critical infrastructure. The zero-days — vulnerabilities previously unknown to researchers or companies, but that malicious … Read More “SAP cyberattack widens, drawing Salt Typhoon and Volt Typhoon comparisons – CyberScoop” »
Austrian privacy non-profit noyb (none of your business) has sent Meta’s Irish headquarters a cease-and-desist letter, threatening the company with a class action lawsuit if it proceeds with its plans to use users’ data to train its artificial intelligence (AI) models without an explicit opt-in. The move comes weeks after the social media behemoth announced … Read More “Meta to Train AI on E.U. User Data From May 27 Without Consent; Noyb Threatens Lawsuit – The Hacker News” »
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens’ ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack … Read More “Siemens SIRIUS 3SK2 Safety Relays and 3RK3 Modular Safety Systems – All CISA Advisories” »
Multiple vulnerabilities have been discovered in Ivanti Endpoint Manager Mobile, the most severe of which could allow for remote code execution. Ivanti Endpoint Manager Mobile (EPMM) is a unified endpoint management solution that enables organizations to securely manage and monitor mobile devices, applications, and content across multiple platforms from a centralized interface. Successful exploitation of … Read More “Multiple Vulnerabilities in Ivanti Endpoint Manager Mobile Could Allow for Remote Code Execution – Cyber Security Advisories – MS-ISAC” »
A new wave of attacks uses PowerShell and LNK files to secretly install Remcos RAT, enabling full remote… – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Reddit Struggles After Google’s New Focus on Expertise – Read More – Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto
CISA released twenty-two Industrial Control Systems (ICS) advisories on May 15, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-135-01 Siemens RUGGEDCOM APE1808 Devices ICSA-25-135-02 Siemens INTRALOG WMS ICSA-25-135-03 Siemens BACnet ATEC Devices ICSA-25-135-04 Siemens Desigo ICSA-25-135-05 Siemens SIPROTEC and SICAM ICSA-25-135-06 Siemens Teamcenter Visualization ICSA-25-135-07 Siemens IPC … Read More “CISA Releases Twenty-Two Industrial Control Systems Advisories – All CISA Advisories” »
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens’ ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 2.1 ATTENTION: Exploitable remotely Vendor: … Read More “Siemens Mendix OIDC SSO – All CISA Advisories” »
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens’ ProductCERT Security Advisories (CERT Services | Services | Siemens Global). View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable from adjacent … Read More “Siemens VersiCharge AC Series EV Chargers – All CISA Advisories” »