As many as 60 malicious npm packages have been discovered in the package registry with malicious functionality to harvest hostnames, IP addresses, DNS servers, and user directories to a Discord-controlled endpoint. The packages, published under three different accounts, come with…
Category: EN
SharpSuccessor PoC Released to Weaponize Windows Server 2025 BadSuccessor Flaw
A critical privilege escalation vulnerability in Windows Server 2025’s delegated Managed Service Account (dMSA) feature enables attackers to compromise Active Directory domains using tools like SharpSuccessor. This attack chain exploits default configurations to transform low-privileged users into Domain Admins through…
Katz Stealer Attacking Chrome, Edge, Brave & Firefox to Steal Login Details
A sophisticated new credential-stealing malware known as Katz Stealer has emerged as a significant threat to users of popular web browsers, demonstrating advanced capabilities that allow it to bypass modern security protections and exfiltrate sensitive authentication data. This malware-as-a-service operation…
Tenable Network Monitor Vulnerabilities Let Attackers Escalate Privileges
Two high-severity vulnerabilities (CVE-2025-24916, CVE-2025-24917) in Tenable Network Monitor solution, enabling local privilege escalation on Windows systems through insecure directory permissions and arbitrary code execution. The security flaws affect all versions prior to 6.5.1 and have been assigned high severity…
Fake DigiYatra Apps Attacking Indian Users to Steal Financial Data
A sophisticated phishing campaign targeting Indian air travelers has emerged, exploiting the trusted DigiYatra brand to harvest sensitive personal and financial information from unsuspecting users. The malicious operation centers around a deceptive website at digiyatra[.]in that masquerades as the official…
184 million records data leak: Google, PayPal and Netflix passwords leaked online
Security researcher Jeremiah Fowler stumbled upon a large database of login information and passwords containing over 184 million records recently. He mentioned the discovery in an article on Website Planet. The data […] Thank you for being a Ghacks reader.…
Researchers Drop PoC for Fortinet CVE-2025-32756, Urging Quick Patching
Researchers have released PoC for CVE-2025-32756, a severe security flaw, that is actively being exploited in Fortinet products… This article has been indexed from Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto Read the original article: Researchers Drop…
Oracle TNS Flaw Exposes System Memory to Unauthorized Access
Oracle has addressed a significant security flaw in its Transparent Network Substrate (TNS) protocol, used for database communications, with the release of a patch on April 15, 2025. The vulnerability, tracked as CVE-2025-30733, could allow unauthenticated remote attackers to access…
⚡ Weekly Recap: APT Campaigns, Browser Hijacks, AI Malware, Cloud Breaches and Critical CVEs
Cyber threats don’t show up one at a time anymore. They’re layered, planned, and often stay hidden until it’s too late. For cybersecurity teams, the key isn’t just reacting to alerts—it’s spotting early signs of trouble before they become real…
CISO’s Guide To Web Privacy Validation And Why It’s Important
Are your web privacy controls protecting your users, or just a box-ticking exercise? This CISO’s guide provides a practical roadmap for continuous web privacy validation that’s aligned with real-world practices. – Download the full guide here. Web Privacy: From Legal…
Severe vBulletin Flaw Allows Remote Code Execution by Attackers
A newly discovered vulnerability in vBulletin, one of the world’s most popular commercial forum platforms, has highlighted the dangers of relying on method visibility for security. The flaw, affecting vBulletin versions 5.x and 6.x running on PHP 8.1 or later,…
China-linked APT UNC5221 started exploiting Ivanti EPMM flaws shortly after their disclosure
China-linked APT exploit Ivanti EPMM flaws to target critical sectors across Europe, North America, and Asia-Pacific, according to EclecticIQ. Researchers from EclecticIQ observed a China-linked APT group that chained two Ivanti EPMM flaws, tracked as CVE-2025-4427 and CVE-2025-4428, in attacks…
⚡ Weekly Recap: APT Campaigns, Browser Hijacks, AI Malware, Cloud Breaches and Critical CVEs
Cyber threats don’t show up one at a time anymore. They’re layered, planned, and often stay hidden until it’s too late. For cybersecurity teams, the key isn’t just reacting to alerts—it’s spotting early signs of trouble before they become real…
ChatGPT-03 Exploited to Override Critical Shutdown Protocols
OpenAI’s latest and most advanced artificial intelligence model, codenamed “o3,” has sparked alarm in the AI safety community after researchers discovered it sabotaged a shutdown mechanism, even when explicitly instructed to allow itself to be turned off. The incident, reported…
Bitwarden PDF File Handler Vulnerability Let Attackers Upload Malicious PDF Files
A critical cross-site scripting (XSS) vulnerability has been discovered in the popular password manager Bitwarden, affecting versions up to 2.25.1. The security flaw, designated as CVE-2025-5138, resides in the PDF File Handler component and allows attackers to upload malicious PDF…
60 Malicious npm Packages Exfiltrates Exfiltrate Hostnames, IP’s, DNS Servers Details
A sophisticated malware campaign targeting the npm ecosystem has compromised developer environments through 60 malicious packages designed to silently harvest sensitive network information. The operation, which began eleven days ago and remains active as of publication, demonstrates the growing threat…
Street-Level QR Phishing: Cybercriminals Take Social Engineering to the Real World
A disturbing new trend in cybercrime emerged this week as security professionals discovered QR codes taped to lampposts in what appears to be a sophisticated psychological manipulation campaign. The handwritten note, which read “John, I know you are cheating on…
⚡ Weekly Recap: APT Campaigns, Browser Hijacks, AI Malware, Cloud Breaches and Critical CVEs
Cyber threats don’t show up one at a time anymore. They’re layered, planned, and often stay hidden until it’s too late. For cybersecurity teams, the key isn’t just reacting to alerts—it’s spotting early signs of trouble before they become real…
Over 40 Malicious Chrome Extensions Impersonate Popular Brands to Steal Sensitive Data
Cybersecurity firm LayerX has uncovered over 40 malicious Chrome browser extensions, many of which are still available on the Google Chrome Web Store. These extensions, part of three distinct phishing campaigns, were designed to impersonate well-known and trusted applications and…
A Starter Guide to Protecting Your Data From Hackers and Corporations
Hackers. AI data scrapes. Government surveillance. Thinking about where to start when it comes to protecting your online privacy can be overwhelming. Here’s a simple guide for you—and anyone who claims they have nothing to hide. This article has been…