Healthcare professionals in the UK are under scrutiny for using artificial intelligence tools that haven’t been officially approved to record and transcribe conversations with patients. A recent investigation has uncovered that several doctors and medical facilities are relying on…
Category: EN
Thousands of WordPress Sites at Risk as Motors Theme Flaw Enables Admin Account Takeovers
A critical security flaw tracked as CVE-2025-4322 has left a widely used premium WordPress theme exposed to attackers. Cybercriminals have been exploiting this vulnerability in the Motors theme to seize administrator accounts, allowing them to fully compromise websites—modifying information,…
Planning your move to Microsoft Defender portal for all Microsoft Sentinel customers
Microsoft is transitioning Microsoft Sentinel into the Microsoft Defender portal to create a unified security operations experience. The post Planning your move to Microsoft Defender portal for all Microsoft Sentinel customers appeared first on Microsoft Security Blog. This article has…
Kimusky Hackers Employ ClickFix Technique to Run Malicious Scripts on Victim Devices
The North Korean state-sponsored hacker collective Kimsuky has been found to use a dishonest technique called “ClickFix” to compromise victim machines in a number of concerning cyberattacks. First documented by Proofpoint in April 2024, ClickFix manipulates users into executing malicious…
What is risk analysis?
Risk analysis is the process of identifying and analyzing potential issues that could negatively affect key business initiatives or projects. This article has been indexed from Security Resources and Information from TechTarget Read the original article: What is risk analysis?
Cyber Threat Intelligence: 3 Key Benefits For SOCs And MSSPs
As attack vectors multiply and threat actors become increasingly sophisticated, security teams struggle to keep pace with the volume and complexity of modern cyber threats. SOCs and MSSPs operate in a high-stakes environment where every minute counts. Main Challenges Of…
International Criminal Court swats away ‘sophisticated and targeted’ cyberattack
Body stays coy on details but alludes to similarities with 2023 espionage campaign The International Criminal Court (ICC) says a “sophisticated” cyberattack targeted the institution, the second such incident in two years.… This article has been indexed from The Register…
New Report Ranks Best And Worst Generative AI Tools For Privacy
Most generative AI companies use client data to train their chatbots. For this, they may use private or public data. Some services take a more flexible and non-intrusive approach to gathering customer data. Not so much for others. A…
TA829 and UNK_GreenSec Share Tactics and Infrastructure in Ongoing Malware Campaigns
Cybersecurity researchers have flagged the tactical similarities between the threat actors behind the RomCom RAT and a cluster that has been observed delivering a loader dubbed TransferLoader. Enterprise security firm Proofpoint is tracking the activity associated with TransferLoader to a…
600,000 WordPress Sites Affected by Arbitrary File Deletion Vulnerability in Forminator WordPress Plugin
On June 20th, 2025, we received a submission for an Arbitrary File Deletion vulnerability in Forminator, a WordPress plugin with more than 600,000 active installations. This vulnerability makes it possible for unauthenticated threat actors to specify arbitrary file paths in…
Hacktivist Group Launches Attacks on 20+ Critical Sectors Amid Iran–Israel Conflict
A series of sophisticated cyberattacks targeting over 20 vital sectors in Israel and its allies has been launched by more than 80 hacktivist groups in a major escalation of cyberwarfare that parallels the ongoing Iran-Israel confrontation. Following Israel’s recent airstrikes…
FBI Warns of Health Insurance Scam Stealing Personal and Medical Data
The Federal Bureau of Investigation (FBI) has issued a warning about a scam where criminals pretend to be… This article has been indexed from Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto Read the original article: FBI Warns…
Snake Keyloggers Exploit Java Utilities to Evade Detection by Security Tools
The S2 Group Intelligence team has uncovered a Russian-origin malware known as Snake Keylogger, a stealer coded in .NET, leveraging legitimate Java utilities to bypass security tools. This operation, distributed via a Malware as a Service (MaaS) model, targets diverse…
FESTO Automation Suite, FluidDraw, and Festo Didactic Products
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: FESTO, FESTO Didactic Equipment: CIROS Studio / Education, Automation Suite, FluidDraw, FluidSIM, MES-PC Vulnerability: Out-of-bounds Write 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow…
FESTO Didactic CP, MPS 200, and MPS 400 Firmware
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: FESTO Didactic Equipment: CP, MPS 200, MPS 400 Vulnerability: Improper Restriction of Operations within the Bounds of a Memory Buffer 2. RISK EVALUATION Successful exploitation of…
FESTO CODESYS
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: FESTO Equipment: CODESYS Vulnerabilities: Partial String Comparison, Uncontrolled Resource Consumption, Memory Allocation with Excessive Size Value 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow…
Stealthy WordPress Malware Deliver Windows Trojan via PHP Backdoor
A sophisticated multi-stage malware campaign has been discovered targeting WordPress websites, employing an intricate infection chain that delivers Windows trojans to unsuspecting visitors while maintaining complete invisibility to standard security checks. The malware represents a significant evolution in web-based attack…
Google Chrome May Soon Turn Webpages Into Podcasts With AI Audio Overviews
Google Chrome for Android is on the verge of a major upgrade that could reshape how users consume online content. The browser is testing a new feature called AI Audio Overviews, which transforms any webpage into a podcast-style audio summary,…
Update your Chrome to fix new actively exploited zero-day vulnerability
Google has released an urgent update for the Chrome browser to patch a vulnerability which has already been exploited. This article has been indexed from Malwarebytes Read the original article: Update your Chrome to fix new actively exploited zero-day vulnerability
How AI Impacts KYC and Financial Security
Finance has become a top target for deepfake-enabled fraud in the KYC process, undermining the integrity of identity-verification frameworks that help counter-terrorism financing (CTF) and anti-money laundering (AML) systems. Experts have found a rise in suspicious activity using AI-generated media,…